Unable to access internal Websites with Android Secure Web using MAM SDK

On Android Secure Web with MAM SDK, accessing internal websites shows error 'ERREMPTYRESPONSE'. Further checking the logs, we see that Secure Web does not tunnel the connection to AG for internal websites. But for Legacy SDK, it works fine. Split Tunne - ON DNS suffixes - ADDED In the logs, we se...

Split-Second Phantom Images Fool Autopilots

Researchers are tricking autopilots by inserting split-second images into roadside billboards. Researchers at Israels Ben Gurion University of the Negev … previously revealed that they could use split-second light projections on roads to successfully trick Teslas driver-assistance systems into...

CVE-2019-4552

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the...

Cisco IOS XE Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability as the Split DNS feature's regular expression regex engine may time out when processing the DNS name list configuration. An unauthenticated, remote attacker could cause an affected...

Cisco IOS Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW)

According to its self-reported version, Cisco IOS Software is affected by a denial of service DoS vulnerability as the Split DNS feature's regular expression regex engine may time out when processing the DNS name list configuration. An unauthenticated, remote attacker could cause an affected devi...

CVE-2020-15199

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

Cisco IOS and IOS XE Denial of Service Vulnerability (CNVD-2021-43438)

Cisco IOS and IOS XE are both operating systems developed by Cisco in the United States for its network devices. A denial of service vulnerability exists in the Split DNS feature of Cisco IOS and IOS XE, which can be exploited by an attacker to cause a device to reload by attempting to resolve th...

PT-2020-14272 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.3.1 Description: The RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor, specifically that the values in the splits tensor generate a valid partitioning ...

CVE-2020-3408

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability occurs because the regular expression regex engine that...

CVE-2020-3408

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability occurs because the regular expression regex engine that...

Race condition

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability occurs because the regular expression regex engine that...

CVE-2020-3408 Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability occurs because the regular expression regex engine that...

CVE-2020-3408 Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability occurs because the regular expression regex engine that...

CVE-2020-3408

CVE-2020-3408 concerns Cisco IOS and IOS XE Split DNS DoS. The issue stems from the Split DNS feature’s regex engine timing out while processing the DNS name list configuration, allowing an unauthenticated, remote attacker to trigger device reloads and a denial-of-service condition. Affected prod...

Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability occurs because the regular expression regex engine that...

PT-2020-4184 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an...

CVE-2020-15590

A vulnerability in the Private Internet Access PIA VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. Th...

CVE-2020-12247

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur...

PT-2020-20366 · Google · Google Play Core Library

Name of the Vulnerable Software and Affected Versions: Google Play Core Library versions prior to 1.7.2 Description: A local, arbitrary code execution issue exists in the SplitCompat.install endpoint in Android's Play Core Library. This allows a malicious attacker to create an apk that targets a...

CVE-2020-14213

In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent e.g., read internal data, split, or merge...