CVE-2019-6576

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" All versions V15.1 Update 1, SIMATIC HMI Comfort Outdoor Panels 7" & 15" All versions V15.1 Update 1, SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F All versions V15.1 Update 1, SIMATIC WinCC...

tomcat: Host name verification missing in WebSocket client

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88...

tomcat: Host name verification missing in WebSocket client

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88...

tomcat: Host name verification missing in WebSocket client

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88...

ALPINE-CVE-2019-11499

In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message...

CVE-2018-5408

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by using a...

Rockwell Automation Stratix 8300 10-Port Layer 3 managed switch 1783-RMS06T plus 4-Port Expansion Module Communications Adapter

Binary data 753037.prm...

Rockwell Automation Stratix 8300 18-Port Layer 3 managed switch 1783-RMS06T plus 4-Port in Expansion Modules 1 and 8-Port in Expansion Modules 2 Communications Adapter

Binary data 753040.prm...

Rockwell Automation Stratix 8300 18-Port Layer 3 managed switch 1783-RMS06T plus 8-Port in Expansion Module 1 and 4-Port Expansion Modules 2 Communications Adapter

Binary data 753041.prm...

Rockwell Automation Stratix 8300 14-Port Layer 3 managed switch 1783-RMS06T plus two 4-Port Expansion Modules Communications Adapter

Binary data 753039.prm...

Rockwell Automation Stratix 8300 22-Port Layer 3 managed switch 1783-RMS10T plus 8-Port in expansion module 1 and 4-Port in Expansion Module 2 Communications Adapter

Binary data 753044.prm...

Rockwell Automation Stratix 8300 22-Port Layer 3 managed switch 1783-RMS10T plus 4-Port Expansion Module 1 and 8-Port in Expansion Module 2 Communications Adapter

Binary data 753043.prm...

Siemens XC206 Switch Detection

Binary data 762271.prm...

Rockwell Automation Stratix 8300 18-Port Layer 3 managed switch 1783-RMS10T plus two 4-Port Expansion Modules Communications Adapter

Binary data 753042.prm...

Rockwell Automation Stratix 8300 14-Port Layer 3 managed switch 1783-RMS10T plus 4-Port Expansion Module Communications Adapter

Binary data 753038.prm...

What Is Application Shielding?

Security firms are increasingly touting application shielding as an important layer of defense. But it may be better suited to DRM...

PT-2019-4740 · Simple Directmedia Layer +1 · Sdl +2

Name of the Vulnerable Software and Affected Versions: Simple DirectMedia Layer SDL version 2.0.9 SDL2 image version 2.0.4 Description: The issue is related to a heap-based buffer overflow in the IMG LoadPCX RW function, located in IMG pcx.c, which can lead to a denial of service. This overflow...

CVE-2019-6619

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Traffic Management Microkernel TMM may restart when a virtual server has an HTTP/2 profile with Application Layer Protocol Negotiation ALPN enabled and it processes traffic where the ALPN extension size is zero...

CVE-2019-1687

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service DoS condition. The...

CVE-2019-1590

A vulnerability in the Transport Layer Security TLS certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure ACI Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. The...