Cisco Firepower Threat Defense Software Denial of Service Vulnerability

Cisco Appliance ASA 5500-X Series Next-Generation Firewalls, etc. are firewall products from Cisco, U.S.A. Firepower Threat Defense FTD Software is one of the intrusion prevention systems. A denial of service vulnerability exists in the SSL traffic encryption process of FTD Software in multiple...

DEBIAN-CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

Q2 2017 Global DDoS Threat Landscape Report

This week we released our latest Global DDoS Threat Landscape Report, a statistical analysis of more than 15,000 network and application layer DDoS attacks mitigated by Imperva Incapsula services during Q2 2017. This quarter, for the fifth one in a row, we saw a decrease in the number of network...

CVE-2017-12245

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak...

CVE-2017-0812

An elevation of privilege vulnerability in the Android media framework audio hal. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62873231...

UBUNTU-CVE-2017-0823

An information disclosure vulnerability in the Android system rild. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655...

UBUNTU-CVE-2017-0812

An elevation of privilege vulnerability in the Android media framework audio hal. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62873231...

TCP Stream Replay Tool: TCPCopy

Although the real live flow is important for the test of Internet server applications, it is hard to simulate it as online environments are too complex. To support more realistic testing of Internet server applications, we develop a live flow reproduction tool – TCPCopy, which could generate the...

Unable to import App Layering OS Layer to ELM from vSphere

After creating a vSphere connector and selected the host and VM to import into the Enterprise Layer Manager ELM as an OS layer, the operation will timeout within a few minutes. vSphere shows an exporting task stuck at 0% before timing out...

Huawei OceanStor Product Information Disclosure Vulnerability

Huawei OceanStor 5800 and OceanStor 6900 are both mid-range and high-end storage systems from Huawei, China. The information disclosure vulnerability exists in Huawei OceanStor 5800 V3 and OceanStor 6900 V3 products due to the use of TLS 1.0 for transport encryption. An attacker could exploit the...

NVIDIA GPU Display Driver Local Elevation of Privilege Vulnerability (CNVD-2017-30724)

NVIDIA GPU Display Driver is a graphics processor GPU graphics card driver from NVIDIA. kernel mode layer handler is one of the kernel mode layer handler. A security vulnerability exists in the kernel mode layer handler in the NVIDIA GPU Display Driver. An attacker could exploit this vulnerabilit...

NVIDIA GPU Display Driver Denial of Service Vulnerability (CNVD-2017-30718)

NVIDIA GPU Display Driver is a graphics processor GPU graphics card driver from NVIDIA. kernel mode layer handler is one of the kernel mode layer handler. A security vulnerability exists in the kernel mode layer handler in the NVIDIA GPU Display Driver, which is caused by incorrect access control...

CVE-2017-6272

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to a denial of service or possible escalation of privileges...

DEBIAN-CVE-2017-6266

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service...

CVE-2017-6266

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service...

CVE-2017-6267

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service...

DEBIAN-CVE-2017-6267

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service...

CVE-2017-6277

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or possible escalation of...

UBUNTU-CVE-2017-6266

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service...

mysql: incorrect enforcement of ssl-mode=REQUIRED in MySQL 5.5 and 5.6

It was discovered that the MySQL client command line tools only checked after authentication whether server supported SSL. A man-in-the-middle attacker could use this flaw to hijack client's authentication to the server even if the client was configured to require SSL connection...