CVE-2018-0297

A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer SSL Access Control AC policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets...

Cisco Firepower Threat Defense software Remote Security Bypass Vulnerability

Cisco Firepower Threat Defense is the United States Cisco Cisco company's set of software running in the firewall. detection engine is one of the detection engine. A security vulnerability exists in the detection engine in Cisco Firepower Threat Defense, which stems from the program's failure to...

The vulnerability in the implementation of the TLS protocol for Cavium Nitrox SSL, Nitrox V SSL, Octeon SSL, and TurboSSL development tools allows a hacker to disclose sensitive information that should be protected.

The vulnerability of the TLS Transport Layer Security implementation in Cavium Nitrox SSL, Nitrox V SSL, Octeon SSL, and TurboSSL development kits is related to errors in the TLS standard’s implementation. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

T.JOY KINEPASS App for Android and iOS SSL Server Certificate Vulnerability

T.JOY KINEPASS App for Android is an Android-based application for booking and purchasing movie tickets online from T.JOY Japan.KINEPASS App for iOS is its iOS-based version. A security vulnerability exists in T.JOY KINEPASS App 3.1.1 and earlier versions for Android and KINEPASS App 3.1.2 and...

Simple DirectMedia Layer SDL2_image Stack Buffer Overflow Vulnerability

Simple DirectMedia Layer is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software, and emulators. sdl2image is a component used in it for parsing and displaying various image file formats. A stack buffer overflow vulnerability exists in t...

Simple DirectMedia Layer SDL2_image Heap Buffer Overflow Vulnerability

Simple DirectMedia Layer is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software, and emulators. sdl2image is a component used in it for parsing and displaying various image file formats. A heap buffer overflow vulnerability exists in th...

Simple DirectMedia Layer SDL2_image Double Release Vulnerability

Simple DirectMedia Layer is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software, and emulators. sdl2image is a component used in it for parsing and displaying various image file formats. A double release vulnerability exists in the XCF...

CVE-2018-0591

The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3.1.2 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transport Layer Security Library Input Validation Vulnerability

The Cisco Adaptive Security Virtual Appliance and others are security appliances from Cisco in the U.S. The Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software are operating systems that run in different security appliances. Adaptive Security Appliance ASA Software...

Cisco Firepower System Software Denial of Service Vulnerability (CNVD-2018-11127)

Cisco Firepower System Software is a next-generation firewall product NGFW from Cisco, Inc.Secure Sockets Layer SSL is one of the SSL Secure Sockets Layer engines. A resource management error vulnerability exists in the SSL engine in Cisco Firepower System Software that stems from the program...

Cannot run Windows updates on Office layer due to error C80001FE (4.x, 2.x)

Windows update succeeds on a new OS layer version but reports error C80001FE when a layer with Microsoft Office is booted with the new OS layer version. This may be caused by hiding an update in the OS layer...

Asylo Open-Source Framework Tackles TEEs for Cloud

Asylo, an open-source framework and software development kit SDK for creating applications that run in trusted execution environments TEEs, has launched to tackle the complexity involved in running a confidential computing platform for workloads in the cloud and virtual environments. TEEs provide...

mp3gain Denial of Service Vulnerability

mp3gain is a volume adjustment application for MP3 files. A security vulnerability exists in the 'IIIdequantizesample' function in the mpglibDBL/layer3.c file in mp3gain 1.5.2-r2 and earlier versions, which stems from a read access privilege conflict in the program. A remote attacker could exploi...

Cisco Firepower System Transient Denial of Service Vulnerability

Cisco Firepower System Software is a next-generation firewall product NGFW from Cisco. detection engine is an intrusion detection engine. A cryptographic vulnerability exists in the detection engine in Cisco Firepower System Software, which stems from the program's failure to properly handle the...

Cisco Firepower System Transient Denial of Service Vulnerability (CNVD-2018-09028)

Cisco Firepower System Software is a next-generation firewall product NGFW from Cisco. A cryptographic vulnerability exists in Cisco Firepower System Software, which arises from a failure of the program to properly handle Transport Layer Security TLS extensions when establishing a TLS connection ...

Oracle Security Service Component Remote Vulnerability

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, etc. Security Service is one of the security service components. A security vulnerability exists in the...

CVE-2018-0283

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service DoS condition. The vulnerability is due to the incorrect...

CVE-2018-0281

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service DoS condition. The vulnerability is due to the incorrect...

CVE-2018-0262

A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information in, an affected system, leading to Remote Code Execution. The vulnerability is due to incorrect default configuration of the device, which...

Cisco Firepower System Software Transport Layer Security Denial of Service Vulnerability

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service DoS condition. The vulnerability is due to the incorrect...