Trend Micro Maximum Security 2019 - Arbitrary Code Execution

Trend Micro Maximum Security 2019 - Arbitrary Code Execution Exploit Title: Trend Micro Maximum Security 2019 - Arbitrary Code Execution Date: 2020-1-16 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security...

Trend Micro Maximum Security 2019 - Arbitrary Code Execution

Exploit Title: Trend Micro Maximum Security 2019 - Arbitrary Code Execution Date: 2020-1-16 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security 2019 v15 Internet Security 2019 v15, Antivirus + Security 2019...

CVE-2020-0004

In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Trend Micro Maximum Security Link Resolution Information Disclosure And Denial-of-Service Vulnerability

This vulnerability allows local attackers to disclose sensitive information or to create a denial-of-service condition on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

Multiple Trend Micro Products CVE-2019-18190 Arbitrary Code Execution Vulnerability

Description Multiple Trend Micro Products are prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to crash the affected application or execute arbitrary code in the context of the affected application. Technologies Affected Trend Micro Antivirus+ Security 16.0...

Buffer overflow

Buffer overflow when the audio buffer size provided by user is larger than the maximum allowable audio buffer size. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

CVE-2019-1969

A vulnerability in the implementation of the Simple Network Management Protocol SNMP Access Control List ACL feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The...

[SECURITY] Fedora 29 Update: igraph-0.7.1-12.fc29

igraph wants to be an efficient platform for 1 complex network analysis and 2 developing and implementing graph algorithms. It provides flexible and efficient data structures for graphs and related tasks. It also provides implementation to many classic and new graph algorithms like: maximum flows...

[SECURITY] Fedora 30 Update: igraph-0.7.1-12.fc30

igraph wants to be an efficient platform for 1 complex network analysis and 2 developing and implementing graph algorithms. It provides flexible and efficient data structures for graphs and related tasks. It also provides implementation to many classic and new graph algorithms like: maximum flows...

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0165)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information...

polkit: Improper handling of user with uid > INT_MAX leading to authentication bypass

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

openSUSE Security Update : tomcat (openSUSE-2019-1808)

This update for tomcat to version 9.0.21 fixes the following issues : Security issues fixed : - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames bsc1131055. - CVE-2019-0221: Fixed a cross site scripting vulnerabilit...

OPENSUSE-SU-2019:1808-1 Security update for tomcat

This update for tomcat to version 9.0.21 fixes the following issues: Security issues fixed: - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames bsc1131055. - CVE-2019-0221: Fixed a cross site scripting vulnerability...

SUSE-SU-2019:1895-1 Security update for tomcat

This update for tomcat to version 9.0.21 fixes the following issues: Security issues fixed: - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames bsc1131055. - CVE-2019-0221: Fixed a cross site scripting vulnerability...

kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service

An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size MSS of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increas...

Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...

OPENSUSE-SU-2019:1673-1 Security update for tomcat

This update for tomcat to version 9.0.20 fixes the following issues: Security issues fixed: - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames bsc1131055. - CVE-2019-0221: Fixed a cross site scripting vulnerability...

Security update for tomcat (moderate)

openSUSE Security Update: Security update for tomcat Announcement ID: openSUSE-SU-2019:1673-1 Rating: moderate References: 1111966 1131055 1136085 Cross-References: CVE-2019-0199 CVE-2019-0221 Affected Products: openSUSE Leap 15.0 An update that solves two vulnerabilities and has one errata is no...

kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service

An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size MSS of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increas...

Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...