14 matches found
EUVD-2020-24967
Malware in sbrugna...
CVE-2020-3696
"Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process" in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall...
Over 1 Million Sites Impacted by Vulnerability in Starter Templates Plugin
On October 4, 2021, the Wordfence Threat Intelligence team initiated the responsible disclosure process for the Starter Templates plugin, which is installed on over 1 Million WordPress websites. The full name of the WordPress plugin is “Starter Templates — Elementor, Gutenberg & Beaver Builder...
Design/Logic Flaw
"Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process" in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2020-3696
CVE-2020-3696 describes a use-after-free in the IP cracker (ipcrtr) when installing a new security rule since the old one is deleted but could still be in use. Affected families include Snapdragon Auto/Consumer IOT/Industrial IOT/Mobile/Voice & Music/Wearables and Snapdragon Wired Infrastructure ...
CVE-2020-3696
"Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process" in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...
New OCR-ready risk analysis: Why the confusion?
Are you ready for an Office for Civil Rights (OCR) investigation? Will your risk analysis and risk management methodologies and documents be sufficient to meet the HIPAA Security Rule?...
Cybersecurity Risk Management – From HIPAA to HITRUST
Cybersecurity risk management for healthcare organizations continues to be a perplexing issue. While it is explicit in the security management standard of the HIPAA Security Rule that a Covered Entity and their Business Associates must conduct an "accurate and thorough" risk analysis teamed with ...
Microsoft Windows Firewall: Domain: Inbound connections
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. (C) Microsoft Corporation 2015. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
WordPress Arbitrary File Deletion Vulnerability Plugged With Patch 4.9.7
On Jun 26, an arbitrary file deletion vulnerability in the WordPress core was publicly disclosed. The vulnerability could allow an authenticated attacker to delete any file and in some cases execute arbitrary code. WordPress is a free, popular, and open-source content management system currently...
Drupalgeddon3: Third Critical Flaw Discovered
For the third time in the last 30 days, Drupal site owners are forced to patch their installations. As the Drupal team noted a few days ago, new versions of the Drupal CMS were released, to patch one more critical RCE vulnerability affecting Drupal 7 and 8 core. The vulnerability, code-named...
Final HITECH Act Stage 3 Meaningful Use Rules May Require Annual Risk Analysis plus a Risk Management Component
The comments are in and the HHS is scrambling to review them all before they issue the final Stage 3 Meaningful Use rules later this summer. Comments from entities such as CHIME and HIMSS represent good news and bad news for healthcare providers, depending on how you look at it. The HIPAA Securit...
checkpoint-fw1.vuln.txt
There are two vulnerabilities in FW-1. The first is an authentication issue, the other is a configuration issue. Since I don't have a copy of 4.x FW-1 handy maybe someone can check it for me. 1) The basic authentication used in Checkpoint FW-1 used for inside/outbound and outside/inbound allows...