CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...

CVE-2019-7401

NGINX Unit is affected by CVE-2019-7401: a heap-based buffer overflow in the router process when handling specially-crafted requests. Exploitation can cause a denial of service (router process crash) and may have unspecified other impact. Affected is Unit versions before 1.7.1. Reported remediati...

CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...

FreeBSD : unit -- heap memory buffer overflow (c95836a0-2b3b-11e9-9838-8c164567ca3c)

unit security problems : CVE-2019-7401: a head memory buffer overflow might have been caused in the router process by a specially crafted request, potentially resulting in a segmentation fault or other unspecified behavior. C Tenable Network Security, Inc. The descriptive text and package checks ...

PT-2019-1582 · Nginx · Nginx Unit

Name of the Vulnerable Software and Affected Versions: NGINX Unit versions prior to 1.7.1 Description: The issue is caused by a heap-based buffer overflow in the router process, potentially allowing an attacker to cause a denial of service router process crash or possibly have other unspecified...

The vulnerability of the XListExtensions function in the client-side API library for the X Window System libX11 allows a attacker to cause a service failure.

The vulnerability of the XListExtensions function ListExt.c in the client API library for the X Window System libX11 is related to an “unit not counted” error. Exploiting this vulnerability allows a remote attacker to cause a service failure through a specially crafted server response...

ABB Mechanical Unit Manager Detection (Windows SMB Login)

Detects the installed version of ABB Mechanical Unit Manager for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Feds Dismantle Dark Web Credentials Market

Law-enforcement agencies across the world have taken aim at Dark Web denizens this week, with the takedown of a credentials marketplace as well as continued action against former users of the Webstresser.org DDoS-for-hire site. An international law-enforcement operation has dismantled the xDedic...

Siemens SICAM A8000 Series Denial Of Service

COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: SICAM A8000 Series Vendor: Siemens CSNC ID: CSNC-2019-002 CVE ID: CVE-2018-13798 Subject: SICAM Webinterface XXE DoS Risk: Medium CVSS 3.0 Base Score: 5.3 CVSS 3.0:...

SUSE-SU-2019:0054-1 Security update for systemd

This update for systemd fixes the following issues: Fix security vulnerabilities CVE-2018-16864 and CVE-2018-16865 bsc1120323: Both issues were memory corruptions via attacker-controlled alloca which could have been used to gain root privileges by a local attacker. Fix security vulnerability...

Fedora 28 : systemd (2018-24bd6c9d4a)

Fix a local vulnerability from a race condition in chown-recursive CVE-2018-15687, 1643367 - Fix a local vulnerability from invalid handling of long lines in state deserialization CVE-2018-15686, 1643372 - Fix a remote vulnerability in DHCPv6 in systemd-networkd CVE-2018-15688, 1643362 -...

Fedora 29 : systemd (2018-c402eea18b)

Fix a local vulnerability from a race condition in chown-recursive CVE-2018-15687, 1639076 - Fix a local vulnerability from invalid handling of long lines in state deserialization CVE-2018-15686, 1639071 - Fix a remote vulnerability in DHCPv6 in systemd-networkd CVE-2018-15688, 1639067 - The DHCP...

SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2018:3644-1)

This update for systemd fixes the following issues : Security issues fixed : CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 CVE-2018-15686: A vulnerability in unitdeserialize ...

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-2)

This update for systemd fixes the following issues : Security issues fixed : CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 CVE-2018-15686: A vulnerability in unitdeserialize ...

CVE-2018-18561

An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the...

Design/Logic Flaw

An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the...

CVE-2018-18562

An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Weak access credentials may enable attackers in the adjacent network to gain unauthorized service access via a service interface...

USN-3816-2 systemd vulnerability

USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that unitdeserialize incorrectly handled status messages above ...

USN-3816-1 systemd vulnerabilities

Jann Horn discovered that unitdeserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. CVE-2018-15686 Jann Horn discovered a race condition in...

openSUSE Security Update : systemd (openSUSE-2018-1382)

This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in...