4722 matches found
CVE-2019-1760 Cisco IOS XE Software Performance Routing Version 3 Denial of Service Vulnerability
A vulnerability in Performance Routing Version 3 PfRv3 of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets. An attacker could exploit this vulnerability by...
CVE-2019-1760 Cisco IOS XE Software Performance Routing Version 3 Denial of Service Vulnerability
A vulnerability in Performance Routing Version 3 PfRv3 of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets. An attacker could exploit this vulnerability by...
Cisco IOS XE Software Performance Routing Version 3 Denial of Service Vulnerability
A vulnerability in Performance Routing Version 3 PfRv3 of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets. An attacker could exploit this vulnerability by...
openSUSE Security Update : gnutls (openSUSE-2019-746)
This update for gnutls fixes the following security issues : - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirtee...
CentOS 7 : kernel (CESA-2019:0512)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
The Evidence That Could Impeach Donald Trump
Nancy Pelosi’s comments about impeachment acknowledge a political reality: Nothing the Mueller probe has revealed so far has moved the GOP substantially...
Ntopng - Web-based Traffic And Security Network Traffic Monitoring
ntopng is the next generation version of the original ntop, a network traffic probe that monitors network usage. ntopng is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform, MacOSX and on Windows as well. ntopng – yes, it’s all lowercase –...
No One is Safe: the Five Most Popular Social Engineering Attacks Against Your Company’s Wi-Fi Network
Your Wi-Fi routers and access points all have strong WPA2 passwords, unique SSIDs, the latest firmware updates, and even MAC address filtering. Good job, networking and cybersecurity teams! However, is your network truly protected? TL;DR: NO! In this post, I’ll cover the most common social...
7 Scenarios for How the Mueller Probe Might End
Reports say that the special counsel will be "wrapping up" his investigation soon. Here's what that might actually mean...
Trump Must Be a Russian Agent; the Alternative Is Too Awful
We know a lot about the “what” of the Mueller probe’s findings. The crucial questions now focus on the “why.”...
WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack
The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor,...
Framework for Rogue Wi-Fi Access Point Attack: WiFi-Pumpkin
The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor,...
Amazon Linux 2 : gnutls (ALAS-2018-1120)
It was found that GnuTLS's implementation of HMAC-SHA-256 was vulnerable to Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.CVE-2018-10844 It was foun...
Linux kernel 'usb_audio_probe' function memory misreference vulnerability
The Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the U.S. ALSA Driver is one of the audio drivers. A memory misreference vulnerability exists in the 'usbaudioprobe' function of the sound/usb/card.c file of the ALSA Driver in the...
Design/Logic Flaw
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces that is mishandled in usbaudioprobe in sound/usb/card.c...
DEBIAN-CVE-2018-19824
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces that is mishandled in usbaudioprobe in sound/usb/card.c...
CVE-2018-11823
CVE-2018-11823 affects CAF Android releases (Android for MSM, Firefox OS for MSM, QRD Android) based on the Linux kernel. The vulnerability is a double-free in the power module triggered by freeing device memory during driver probe failure. Root cause described as improper memory handling in the ...
CVE-2018-11918
In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, memory allocated is automatically released by the kernel if the 'probe' function fails with an error code...
Double free
In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, freeing device memory in driver probe failure will result in double free issue in power module...
Code injection
In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, memory allocated is automatically released by the kernel if the 'probe' function fails with an error code...