CVE-2018-3925

An exploitable buffer overflow vulnerability exists in the remote video-host communication of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely parses the AWSELB cookie while communicating with remote video-hos...

Microsoft .NET Framework Information Disclosure Vulnerability (KB4344146)

This host is missing an important security update according to Microsoft KB4344146 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft .NET Framework Multiple Vulnerabilities (KB4344147)

This host is missing an important security update according to Microsoft KB4344147 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft .NET Framework Information Disclosure Vulnerability (KB4344149)

This host is missing an important security update according to Microsoft KB4344149 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

hw: cpu: speculative store bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344148)

Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012 KB 4344148 Summary This update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The...

Description of the Security Only update for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344176)

Description of the Security Only update for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 KB 4344176 Summary This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant...

Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344166)

Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 KB 4344166 Summary This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to acce...

.NET Framework Information Disclosure Vulnerability

An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend...

Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB 4344147)

Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 KB 4344147 Summary This update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenan...

Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 (KB 4344150)

Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 KB 4344150 This article also applies to the following: Microsoft .NET Framework 3.5 Summary This update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an...

Homoglyphs - Get Similar Letters, Convert To ASCII, Detect Possible Languages And UTF-8 Group

Homoglyphs -- python library for getting homoglyphs and converting to ASCII. Features It's smarter version of confusablehomoglyphs: Autodect or manual choosing category aliases from ISO 15924. Auto or manual load only needed alphabets in memory. Converting to ASCII. More configurable. More stable...

hw: cpu: speculative store bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

NetScaler MAS Not Showing SSL Insight Data

Any SSL load balancer, content switching or NetScaler Gateway does not display SSL Insight data...

UBUNTU-CVE-2018-5810

An error within the "rolleiloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...

UBUNTU-CVE-2018-5807

An error within the "samsungloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

Introducing: Malwarebytes Browser Extension

Are you tired of all the unwanted content the world wide web offers up, whether you like it or not? It is our privilege to introduce you to the Malwarebytes Browser Extension BETA. Or, better said, the Malwarebytes Browser Extensions, because we have one for Firefox and one for Chrome. Introducti...

GHSA-R38R-QP28-2M63 Code injection in rope

base/oi/doa.py in the Rope library in CPython aka Python allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load...

Cisco SD-WAN Solution Remote Command Injection Vulnerability (CNVD-2018-14074)

Cisco vBond Orchestrator Software and other products are from Cisco. cisco vBond Orchestrator Software is a set of security network extension management software. vEdge 100 Series Routers is a 100 series router product. SD-WAN Solution is a set of network extension solution running in it. A comma...