CVE-2019-1840

Cisco Prime Network Registrar is affected by CVE-2019-1840 in the DHCPv6 input packet processor. The root cause is incomplete validation when a custom extension attempts to modify a received DHCPv6 packet before sanitization, which can be exploited by an unauthenticated attacker sending malformed...

Default Privileged Account Vulnerability in the NetApp Service Processor - Lenovo Support US

No description provided...

Default Privileged Account Vulnerability in the NetApp Service Processor - US

Lenovo Security Advisory: LEN-26771 Potential Impact: Privilege escalation Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-5490 Summary Description: Certain versions of the NetApp Service Processor firmware were shipped with a default account enabled that could allow...

CVE-2018-18068

The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 the highest privilege level in ARMv8 memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug...

CVE-2018-18068

The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 the highest privilege level in ARMv8 memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug...

perfetto/trace_processor_fuzzer: Crash in perfetto::trace_processor::ProtoTraceParser::ParsePowerRails

Project: https://android.googlesource.com/platform/external/perfetto/ Detailed report: https://oss-fuzz.com/testcase?key=5706766165213184 Project: perfetto Fuzzer: libFuzzerperfettotraceprocessorfuzzer Fuzz target binary: traceprocessorfuzzer Job Type: libfuzzerasanperfetto Platform Id: linux Cra...

CVE-2019-1749

A vulnerability in the ingress traffic validation of Cisco IOS XE Software for Cisco Aggregation Services Router ASR 900 Route Switch Processor 3 RSP3 could allow an unauthenticated, adjacent attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The...

UBUNTU-CVE-2018-12545

In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations require...

[SECURITY] Fedora 29 Update: qemu-3.0.0-4.fc29

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Command injection

Certain versions between 2.x to 5.x refer to advisory of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixe...

CVE-2019-5490

Certain versions between 2.x to 5.x refer to advisory of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixe...

CVE-2019-5490

Certain versions between 2.x to 5.x refer to advisory of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixe...

CVE-2019-5490

Certain versions between 2.x to 5.x refer to advisory of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixe...

CVE-2019-5490

CVE-2019-5490 affects NetApp Service Processor firmware 2.x–5.x, shipped with a default account enabled, enabling unauthorized command execution. The issue is tied to the default-privilege account and is documented by NetApp/Lenovo advisories; affected platforms may include the listed models, req...

UBUNTU-CVE-2018-16789

libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resources and taking the service down...

PT-2019-3473 · Apache +8 · Apache Traffic Server +9

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions affected versions not specified Apache HTTP Server versions affected versions not specified Node.js versions affected versions not specified Description: The issue is related to errors in the mechanism controlli...

Intel 7th Generation Intel Core Processor and 8th Generation Intel Core Processor Trust Management Issues Vulnerability

The Intel 8th Generation Intel Core Processor and Intel 7th Generation Intel Core Processor are both products of Intel Corporation.The Intel 8th Generation Intel Core Processor is an Intel 8th Generation Intel Core Processor. The Intel 8th Generation Intel Core Processor is an eighth-generation...

Intel 8th Generation Intel Core Processor and 7th Generation Intel Core Processor Privilege Permission and Access Control Issues Vulnerability

The 8th Generation Intel Core Processor and 7th Generation Intel Core Processor are both products of Intel Corporation. 8th Generation Intel Core Processor is an 8th Generation Core Series The 8th Generation Intel Core Processor is an eighth-generation Core series central processing unit CPU, whi...

CVE-2018-12203

Denial of service vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel Core Processor, 7th Generation Intel Core Processor may allow privileged user to potentially execute arbitrary code via local access...

Privilege escalation

Privilege escalation vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation IntelR Core Processor, 7th Generation IntelR Core Processor may allow privileged user to potentially leverage existing features via local access...