CVE-2020-3319

A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an attacker to cause a process crash resulting in a Denial of service DoS condition for the player application on an affected system. The vulnerability exists due to insufficient...

Beers with Talos Ep. #72: Getting to Patch Day - Understanding Vulnerability Risks and Options

Beers with Talos BWT Podcast episode No. 72 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded Jan. 31, 2020 When a vulnerability is released, regardless if it has a website and logo or not, we need to...

MicroStrategy Web Cross-Site Scripting Vulnerability (CNVD-2019-23751)

Microstrategy Web is a set of U.S. Microstrategy's enterprise data analysis platform. The platform features data discovery, data visualization and report generation. A cross-site scripting vulnerability exists in the 'FLTB' parameter in MicroStrategy Web versions prior to 10.1 patch 10. The...

CVE-2018-1206

Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110 contain a hardcoded database account with administrative privileges. The affected account is "apollosuperuser." An attacker with local access to the server where D...

CVE-2017-8208

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has...

Multiple SQL Injection Vulnerabilities in MetalGenix GeniXCMS

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. Multiple SQL injection vulnerabilities exist in the inc/lib/User.class.php file in MetalGenix GeniXCMS...

CVE-2016-0236

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to execute arbitrary commands with root privileges via the search field...

Adobe to Share Vulnerability Data with Security Vendors

LAS VEGAS — Adobe’s push to beef up its security posture took another leap forward here with the announcement of plans to start sharing details on software vulnerabilities with security vendors ahead of time to help reduce the window of exposure to hacker attacks. In partnership with Microsoft,...

Microsoft Warns of New IE Code Execution Flaw

Microsoft’s security response team is investigating reports of a potentially dangerous code execution vulnerability in its flagship Internet Explorer browser. The company warned that an attacker could host a maliciously crafted web page and run arbitrary code if they could convince a user to visi...

CVE-2005-4127

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4092. Reason: This candidate is a duplicate of CVE-2005-4092. This candidate was originally published to handle a pre-patch vague announcement, but multiple simultaneous pre-patch announcements resulted in duplicate CVEs that...

Linux news 15.11.00

Linux Kernel pre-patch 2.4.0 test11-pre5 Пятый пререлиз одинадцатого тестового ядра Linux за номером 2.4. Подробнее: ftp://ftp.funet.fi/pub/linux/kernel/testing Вышел Kernel Traffic 93 Вышел 93 номер Kernel Traffic. Подробнее: http://linuxtoday.com/newsstory.php3?ltsn=2000-11-13-003-06-OS-KN Опро...

Linux news 15.08.00

Linux Kernel pre-patch 2.4.0 test7-pre4 Вышел новый, четвертый по счету, пререлиз седьмого тестового ядра Linux - Linux Kernel 2.4.0. Подробнее: ftp://ftp.funet.fi/pub/linux/kernel/testing GNU Parted 1.3.0 Beta Вышла новая версия утилиты для безболезненного изменения разделов ext2,fat... Изменени...

Linux news 10.07.00

Linux Kernel pre-patch 2.4.0 test3-pre7 Вышел очередной пререлиз третьего тестового ядра Linux Kernel 2.4.0. Подробнее: ftp://ftp.funet.fi/pub/linux/kernel/testing mutt 1.2.4 Вышла новая версия крутой консольной читалки и писалки почты. Подробнее: http://www.mutt.org/ Ошибка в BitchX Просто Bitch...

Linux news 7.07.00

Linux Kernel pre-patch 2.4.0 test3-pre3 Вышел третий пререлиз третьего тестового ядра Linux Kernel 2.4.0. Подробнее: ftp://ftp.funet.fi/pub/linux/kernel/testing Kernel traffic 74 Вышел очередной номер отличного сборника писем с комментариями из списка рассылки ядра Linux. На этот раз там можно...