3375 matches found
CVE-2007-5197
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods...
CVE-2019-15272
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to bypass security restrictions. The vulnerability is due to improper handling of malformed HT...
CVE-2019-15272
CVE-2019-15272 affects Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME). The root cause is improper handling of malformed HTTP methods in the web-based interface, allowing an unauthenticated, remote attacker to bypass security restrict...
CVE-2019-15272 Cisco Unified Communications Manager Security Bypass Vulnerability
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to bypass security restrictions. The vulnerability is due to improper handling of malformed HT...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:2228-1 Rating: important References: 1151229 Cross-References: CVE-2019-13685 CVE-2019-13686 CVE-2019-13687 CVE-2019-13688 Affected Products: openSUSE Backports SLE-15 An update that fixes four vulnerabilitie...
Security update for djvulibre (moderate)
openSUSE Security Update: Security update for djvulibre Announcement ID: openSUSE-SU-2019:2217-1 Rating: moderate References: 1146569 1146571 1146572 1146702 Cross-References: CVE-2019-15142 CVE-2019-15143 CVE-2019-15144 CVE-2019-15145 Affected Products: openSUSE Leap 15.0 An update that fixes fo...
Security update for libopenmpt (moderate)
openSUSE Security Update: Security update for libopenmpt Announcement ID: openSUSE-SU-2019:2212-1 Rating: moderate References: 1143578 1143581 1143582 1143584 Cross-References: CVE-2018-20860 CVE-2018-20861 CVE-2019-14382 CVE-2019-14383 Affected Products: openSUSE Leap 15.0 An update that fixes...
Code injection
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...
openSUSE: Security Advisory for ghostscript (openSUSE-SU-2019:2160-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:2186-1 Rating: important References: 1151229 Cross-References: CVE-2019-13685 CVE-2019-13686 CVE-2019-13687 CVE-2019-13688 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that fixes four...
Security update for fish3 (moderate)
openSUSE Security Update: Security update for fish3 Announcement ID: openSUSE-SU-2019:2188-1 Rating: moderate References: Cross-References: CVE-2014-2905 CVE-2014-2906 CVE-2014-2914 CVE-2014-3219 CVE-2014-3856 Affected Products: openSUSE Leap 15.1 An update that fixes 5 vulnerabilities is now...
CVE-2019-1253
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from...
Description of the security update for Microsoft Exchange Server 2019 and Exchange Server 2016: September 10, 2019
Description of the security update for Microsoft Exchange Server 2019 and Exchange Server 2016: September 10, 2019 This update rollup is a security update that resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilitie...
Security update for nodejs10 (important)
openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2019:2114-1 Rating: important References: 1146090 1146091 1146093 1146094 1146095 1146097 1146099 1146100 Cross-References: CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516...
Recommended update for opera (important)
openSUSE Security Update: Recommended update for opera Announcement ID: openSUSE-SU-2019:2107-1 Rating: important References: Affected Products: openSUSE Leap 15.1:NonFree openSUSE Leap 15.0:NonFree An update that contains security fixes can now be installed. Description: This update for opera fix...
Ransomware Protection and Containment Strategies: Practical Guidance for Endpoint Protection, Hardening, and Containment
UPDATE Oct. 30, 2020: We have updated the report to include additional protection and containment strategies based on front-line visibility and response efforts in combating ransomware. While the full scope of recommendations included within the initial report remains unchanged, the following...
Fedora Update for python-mitogen FEDORA-2019-b25dd670a4
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
UBUNTU-CVE-2019-15718
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that...
Scalable infrastructure for investigations and incident response
Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to th...