140 matches found
[SECURITY] Fedora 36 Update: microcode_ctl-2.1-51.fc36
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...
Mitel 6900 Series IP Phone MiNet 安全漏洞
The Mitel 6900 SIP is a 6900 SIP Series IP Phone from Mitel Canada. A security vulnerability exists in the Mitel 6900 Series IP Phone MiNet that originates from running code via system boot using the Mitel 6900 Series IP Phone MiNet vulnerability...
Mitel 6900 SIP 安全漏洞
Mitel 6900 SIP is a 6900 SIP series IP phone from Mitel Canada. A security vulnerability exists in Mitel 6900 SIP. An attacker could exploit this vulnerability to bypass the restrictions of the Mitel 6900 Series IP Phone SIP via system boot to elevate its privileges...
Citrix Xenserver 7.1CU2 to Citrix Hypervisor 8.2 upgrade gets stuck at Boot Screen for servers with HPE Smart Array
After the Host is booted into the installer kernel it gets stuck at following screen...
[SECURITY] Fedora 34 Update: microcode_ctl-2.1-46.1.fc34
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...
[SECURITY] Fedora 35 Update: microcode_ctl-2.1-47.1.fc35
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...
Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012
Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI Unified Extensible Firmware Interface bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence...
[SECURITY] Fedora 33 Update: microcode_ctl-2.1-43.2.fc33
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...
[SECURITY] Fedora 34 Update: microcode_ctl-2.1-46.fc34
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...
CVE-2021-1452
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...
Input validation
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...
CVE-2021-1453
Cisco IOS XE Software for the Catalyst 9000 Family is affected by CVE-2021-1453. The issue is in the image verification function during the initial boot, where an improper check of digital signatures on system image files could allow an unauthenticated, physical attacker to load unsigned software...
CVE-2021-1452 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...
CVE-2021-1441
Summary of CVE-2021-1441 (Cisco IOS XE hardware initialization ARBITRARY CODE EXECUTION) Affected products: Cisco IOS XE Software on Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers. Root cause: Incorrect validation of parameters passed to a diagn...
CVE-2021-1441 Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability
A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is...
Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...
Cisco IOS XE Software Fast Reload Vulnerabilities
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3650, Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating...
Important: fapolicyd bug fix update
The fapolicyd software framework introduces a form of file access control based on a user-defined policy. The application file access control feature provides one of the most efficient ways to prevent running untrusted and possibly malicious applications on the system. Bug Fixes: When an update...
CVE-2020-28331
Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Versions: 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a...
[SECURITY] Fedora 31 Update: microcode_ctl-2.1-39.3.fc31
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...