215 matches found
Avalanche 6.4.3.602 - additional security hardening and CVE fixed
Last Modified Date Aug 16, 2024 6:00:39 PM...
Cisco IP Phones 8800 Series File Upload Denial of Service (CVE-2019-1766)
A vulnerability in the web-based management interface of Session Initiation Protocol SIP Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability exists because the...
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System IOS XE Software Web User Interface UI. The guidance now notes that Cisco has fixed these vulnerabilities for the 17.9 Cisco IOS XE software releas...
CVE-2023-20269
Cisco ASA/FTD remote access VPN vulnerability CVE-2023-20269 allows an unauthenticated, remote attacker to perform brute force against credentials or, for older releases (
OPENSUSE-SU-2023:0162-1 Security update for xonotic
This update for xonotic fixes the following issues: Update to version 0.8.6 SECURITY ALERT: A bug was discovered in versions older than 0.8.6 that is believed to be exploitable by malicious server admins to crash clients or, if they defeat mitigations, execute arbitrary code. boo1212632 update to...
JSA10399 - Security Vulnerability in Pulse Policy Secure (PPS) software's radius authentication mechanism
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This Security Advisory is an addendum to JSA10380.. The purpose is to notify customers of the removal of the affected releases from the Pulse Secure software download site. JSA10380 -...
SA43604 - 2018-01 Out-of-Cycle Advisory: Stack buffer overflow Vulnerability (CVE-2018-5299)
Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A buffer overflow vulnerability has been found in the web server that could allow a remote attacker to cause memory corruption and possibly execute arbitrary code via a crafted web...
Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild
Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821 CVSS score: 6.5, the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote...
new packages: culmus-fonts
An update is available for culmus-fonts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
How to Create Application Firewall Policy for Chunk Requests to Bypass Application Firewall on Citrix ADC 8.1-9.3
This article describes how to create application firewall policy for chunk requests to bypass Application Firewall module. Background In NetScaler software release 8.1 to 9.3 the Application Firewall module does not support chunked request. As a workaround you can create an Application Firewall...
OPENSUSE-SU-2022:0277-1 Test update for SUSE:SLE-15-SP2:Update (security)
This is a security test update for SUSE:SLE-15-SP2:Update...
OPENSUSE-SU-2021:1645-1 Security update for getdata
getdata was updated to 0.11.0, fixing bugs and a security issue: - CVE-2021-20204: Fixed a use after free in GDSupports in encoding.c boo1186251 for all relevant changes see: https://github.com/ketiltrout/getdata/releases/tag/v0.11.0...
CVE-2021-25512
An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities...
Release Information for Veeam Backup & Replication 11a Cumulative Patches
More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Requirements Before installing this Cumulative Patch using the Patch Installer, please confirm that you are running Veeam Backup & Replication 11a build 11.0.1.1261 wi...
Release Information for Veeam Backup for AWS v4
Requirements Please confirm that you are running version Veeam Backup for AWS v3 build 3.0.0.319 or later before upgrading. You can find the currently installed build number Server Version in the About section under Configuration | Support Information. After installing Veeam Backup for AWS v4, yo...
MGASA-2021-0425 Updated firefox packages fix security vulnerability
Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code CVE-2021-38493. The firefox...
Cisco Firepower Threat Defense Software Release 7.0.0 IPsec DoS (cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC)
A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...
Juniper Junos OS Buffer Overflow (JSA11142)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11142 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. TRUSTED...
Juniper Junos OS Vulnerability (JSA11149)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11149 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable Network Security, Inc...
Design/Logic Flaw
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a...