175 matches found
Crowd-sourced attacks present new risk of crisis escalation
By Matt Olney.An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques. Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as... This ...
CVE-2020-10632 ICSA-20-140-02 Emerson OpenEnterprise
Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner...
The vulnerability of the zlib compression library in the “Avora” operating system allows a hacker to cause a service failure or have an unpredictable impact.
The vulnerability of the zlib compression library in the “Avora” operating system is related to integer overflows. Exploiting this vulnerability can allow attackers to cause service failures or have unpredictable effects using specially crafted .apk or .dex files...
CVE-2021-28702
PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region Reporting, "RMRR". These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest...
CVE-2021-28702
PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region Reporting, "RMRR". These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest...
in phpservermon/phpservermon
✍️ Description Insecure randomness errors occur when a function that can produce predictable values is used as a source of randomness in security-sensitive context. This code uses the rand function to generate "unique" identifiers for the receipt pages it generates. In this case the function that...
5 Top Cybersecurity Threats to Businesses
By Waqas Cybersecurity threats are unpredictable but taking a closer look at them and implementing proper security measures seems like a wise decision. This is a post from HackRead.com Read the original post: 5 Top Cybersecurity Threats to Businesses...
SUSE: Security Advisory (SUSE-SU-2021:0776-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : s390-tools (SUSE-SU-2021:0777-1)
This update for s390-tools fixes the following issues : Fixed an issue where IPL was not working when bootloader was installed on a SCSI disk with 4k physical blocksize without using a devicemapper target bsc1183041. CVE-2021-25316: Do not use predictable temporary file names bsc1182777. Made the...
SUSE-SU-2021:0777-1 Security update for s390-tools
This update for s390-tools fixes the following issues: - Fixed an issue where IPL was not working when bootloader was installed on a SCSI disk with 4k physical blocksize without using a devicemapper target bsc1183041. - CVE-2021-25316: Do not use predictable temporary file names bsc1182777. - Mad...
A Dangerous Year in America Enters Its Most Dangerous Month
Seven distinct factors between now and the election threaten to combine, compound, and reinforce each other in unpredictable ways...
CVE-2020-4188
IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. IBM X-Force ID: 174807...
CVE-2019-15874
In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results...
CVE-2019-15874
In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results...
FreeBSD -- ipfw invalid mbuf handling
Problem Description: Incomplete packet data validation may result in accessing out-of-bounds memory CVE-2019-5614 or may access memory after it has been freed CVE-2019-15874. Impact: Access to out of bounds or freed mbuf data can lead to a kernel panic or other unpredictable results...
Ddoor - Cross Platform Backdoor Using Dns Txt Records
Cross-platform backdoor using dns txt records. What is ddor? ddor is a cross platform light weight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have seperate commands for both linux and windows machines List of around 10 public DN...
CVE-2019-17210
A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString is called by the function MQTTDeserializepublish to get the length and content of the MQTT topic name. In the function readMQTTLenString, mqttstring-lenstring.len is a part of us...
Design/Logic Flaw
A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString is called by the function MQTTDeserializepublish to get the length and content of the MQTT topic name. In the function readMQTTLenString, mqttstring-lenstring.len is a part of us...
CVE-2019-2240
While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
CVE-2019-2240
CVE-2019-2240 affects Qualcomm Snapdragon platforms (Auto/Compute/Connectivity, Snapdragon family across IPQ4xxx through SDX lines, QCA wireless ICs, etc.). Description: error handling during rendering of surface content to the screen is not properly checked, causing unpredictable behavior. Root ...