NVIDIA Jetson TX2 Code Issue Vulnerability

NVIDIA Jetson TX2 is an embedded system development module from NVIDIA. The NVIDIA Jetson TX2 suffers from a code issue vulnerability that arises from a failure of the ARM System Memory Management Unit to properly check for errors, which can be exploited by an attacker to cause a denial of servic...

SUSE-SU-2019:0054-2 Security update for systemd

This update for systemd fixes the following issues: Fix security vulnerabilities CVE-2018-16864 and CVE-2018-16865 bsc1120323: Both issues were memory corruptions via attacker-controlled alloca which could have been used to gain root privileges by a local attacker. Fix security vulnerability...

The vulnerability of Xen hypervisors arises from the unsafe combination of small IOMMUs with larger ones, allowing attackers to increase their privileges.

The vulnerability of Xen hypervisors relates to the insecure combination of small IOMMUs with larger ones. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2019-5673

NVIDIA Jetson TX2 contains a vulnerability in the kernel driver on all versions prior to R28.3 where the ARM System Memory Management Unit SMMU improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service...

CVE-2019-5673

NVIDIA Jetson TX2 contains a vulnerability in the kernel driver on all versions prior to R28.3 where the ARM System Memory Management Unit SMMU improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service...

CVE-2019-5673

NVIDIA Jetson TX2 contains a vulnerability in the kernel driver on all versions prior to R28.3 where the ARM System Memory Management Unit SMMU improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service...

DEBIAN-CVE-2018-10244

Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check...

PT-2019-8750 · Open Information Security Foundation · Suricata

Name of the Vulnerable Software and Affected Versions: Suricata version 4.0.4 Description: The issue arises from incorrect handling of EtherNet/IP PDU parsing, which can lead to the parsing code reading beyond the allocated data due to an integer overflow during a length check in the DecodeENIPPD...

The vulnerability of the Nginx Unit application server arises from overflow in the dynamic memory buffer, allowing attackers to cause service failures.

The vulnerability of the Nginx Unit application server arises from overflowing buffers in dynamic memory. Exploiting this vulnerability allows a malicious actor to cause service failures through a specially crafted request...

Israeli fintech firms hit by Cardinal RAT malware

By Waqas The IT security researchers at Palo Alto Networks' Unit 42 have discovered a malware that has been targeting Israeli cyberspace especially those dealing with technology and financial sector. Dubbed Cardinal RAT remote access Trojan by researchers; the malware is currently targeting two...

UBUNTU-CVE-2018-16809

An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and valueunit...

USN-3904-1 nvidia-graphics-drivers-390 vulnerability

It was discovered that the NVIDIA graphics drivers incorrectly handled the GPU performance counters. A local attacker could possibly use this issue to access the application data processed on the GPU...

CVE-2019-6528

PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy versions Telecontrol Gateway 3G Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway XS-MU Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway VM Versions...

CVE-2019-6528

PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy versions Telecontrol Gateway 3G Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway XS-MU Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway VM Versions...

Code injection

PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy versions Telecontrol Gateway 3G Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway XS-MU Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway VM Versions...

CVE-2019-6528

PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy versions Telecontrol Gateway 3G Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway XS-MU Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway VM Versions...

PSI GridConnect Telecontrol

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: PSI GridConnect GmbH formerly known as PSI Nentec GmbH Equipment: Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy Vulnerability: Cross-site Scripting 2. RISK EVALUATION...

The vulnerability of the Lazy FPU context switching function in Intel processors allows a hacker to gain access to protected information.

The vulnerability of the Lazy FPU context switching function in Intel processors is related to insufficient protection of data in the FPU registers of the processor. Exploiting this vulnerability can allow an attacker to access protected information...

runc security update

1.0.0-19.rc5.git4bb1fe4.0.3.el7 - Apply patch for CVE-2019-5736 Wiekus Beukes 1.0.0-19.rc5.git4bb1fe4.0.2.el7 - update Go version to 1.10.8, fix version string Laszlo Laca Peter 1.0.0-19.rc5.git4bb1fe4.0.1.el7 - Tuning .spec file 2:1.0.0-19.rc5.git4bb1fe4 - release v1.0.0rc5...

Heap overflow

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...