2286 matches found
Buffer overflow
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1...
CVE-2020-2040
CVE-2020-2040 is a PAN-OS buffer overflow in the Captive Portal or MFA interface that can be exploited by an unauthenticated remote attacker to disrupt system processes and potentially execute code with root privileges. Affected PAN-OS versions: all 8.0; 8.1 prior to 8.1.15; 9.0 prior to 9.0.9; 9...
PAN-OS: Buffer overflow in the management web interface
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. Workaround: This issue impacts the PAN-OS management web interface but you can mitigate the impact o...
PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...
CVE-2020-2040
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...
Bpytop - Linux/OSX/FreeBSD Resource Monitor
Resource monitor that shows usage and stats for processor, memory, disks, network and processes. Python port of bashtop. Features: Easy to use, with a game-inspired menu system. Full mouse support: all buttons with a highlighted key are clickable and mouse scroll works in process list and menu boxe...
Detect FritzFrog and Other Malware Infections with Inventory Data
Recently, Guardicore researchers discovered a new type of malware called “FritzFrog,” which targets multiple industry verticals, including government, finance, and healthcare. It employs brute-forcing SSH credentials as an initial attack vector, uses a proprietary P2P protocol to efficiently...
Malicious Package in 1337qq-js
All versions of 1337qq-js contain malicious code. The package exfiltrates sensitive information through install scripts. It targets UNIX systems. The information exfiltrated includes: - Environment variables - Running processes - /etc/hosts - uname -a - npmrc file Recommendation Remove the packag...
UBUNTU-CVE-2020-14386
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity...
CVE-2020-3504
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...
CVE-2020-3504
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...
CVE-2020-3504 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...
Bashtop - Linux/OSX/FreeBSD Resource Monitor
Bpytop, bashtop python port is now available at https://github.com/aristocratos/bpytop It's a lot faster and about a third as cpu heavy and has more features, including: Mouse support Toggleable mini mode More customization Graphs for memory consumption It's also a lot easier for me to bug fix an...
Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...
PT-2020-3774 · Cisco · Cisco UCS 6400 Series Fabric Interconnects +1
Name of the Vulnerable Software and Affected Versions: Cisco UCS 6400 Series Fabric Interconnects (affected versions not specified); Cisco UCS Manager Software (affected versions not specified). Description: The issue is related to the improper handling of CLI command parameters in the local management...
Microsoft .NET Framework Multiple Vulnerabilities (KB4570506)
This host is missing an important security update according to Microsoft KB4570506. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
CVE-2020-0257
In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
Input validation
In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2020-14979
The WinRing0.sys and WinRing0x64.sys drivers 1.2.0 in EVGA Precision X1 through 1.0.6 allow local users, including low integrity processes, to read and write to arbitrary memory locations. This allows any user to gain NT AUTHORITY\SYSTEM privileges by mapping \Device\PhysicalMemory into the calli...
Prometheus Blackbox Exporter Code Issue Vulnerability
Prometheus Blackbox Exporter is a blackbox exporter released by the Linux Foundation in the United States that allows blackbox probing of endpoints over HTTP, HTTPS, DNS, TCP and ICMP. A code issue vulnerability exists in Prometheus Blackbox Exporter 0.17.0 and earlier versions. The vulnerability...