51 matches found
CEOs offer their own view of a US data privacy law
Last week, the chief executives of more than 50 mid- and large-sized companies urged Congress to pass a national data privacy law to regulate how companies collect, use, and share Americans’ data. Buried deep within the chief executives’ recommendations for such a law, presented as a policy...
Cisco IOS XR Input Validation Error Vulnerability (CNVD-2019-46438)
Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. An input validation error vulnerability exists in the Intermediate System-to-Intermediate System IS-IS routing protocol feature in Cisco IOS XR versions prior to 6.6.3, which arises...
CVE-2019-1918
A vulnerability in the implementation of Intermediate SystemtoIntermediate System ISIS routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS-IS area to cause a denial of service DoS condition. The vulnerability is due to incorrect...
Hardcoded credentials
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the 'sanitized' variable causing sanitization to be bypassed...
CVE-2017-0928
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the 'sanitized' variable causing sanitization to be bypassed...
CVE-2017-0928
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the 'sanitized' variable causing sanitization to be bypassed...
CVE-2017-0928
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the 'sanitized' variable causing sanitization to be bypassed...
Apache Geode cluster information disclosure vulnerability
Apache Geode cluster is the Apache Software Foundation's platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud architectures. An information disclosure vulnerability exists in Apache Geode cluster. An attacker could exploit this...
CVE-2016-7199
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."...
IBM Storwize SSL/TLS RC4 Stream Cipher Key Invariance (Bar Mitzvah)
According to its self-reported version number, the IBM Storwize server running on the remote host is affected by a security feature bypass vulnerability, known as Bar Mitzvah, due to improper combination of state data with key data by the RC4 cipher algorithm during the initialization phase. A...
PT-2010-2100 · Linux +1 · Kvm +1
Name of the Vulnerable Software and Affected Versions: KVM version 83 Description: The issue arises from the pit ioport read function in the Programmable Interval Timer PIT emulation, specifically in the i8254.c file. This function does not properly utilize the pit state data structure, allowing...