Security Advisories & Alerts


Microsoft Releases Security Updates for its Malware Protection Engine

Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An...

Read more


Huawei Smart Phones CVE-2017-8205 Integer Overflow Vulnerability

Description:   The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter...

Read more


Xen Information Disclosure Vulnerability: CVE-2017-17046

Description: An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled. Impact: Attackers can exploit this issue to obtain sensitive information...

Read more


Xen Information Disclosure Vulnerability: CVE-2017-17046

Description: An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled. Impact: Attackers can exploit this issue to obtain sensitive information...

Read more


Multiple Cisco WebEx Products Multiple Security Vulnerabilities

Description:  Multiple Cisco WebEx Products are prone to the following security vulnerabilities: Multiple remote code-execution vulnerabilities Multiple denial-of-service vulnerabilities Impact: An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. These...

Read more


Apple Releases Security Update for macOS High Sierra !

Description: Apple has released a supplemental security update to address a vulnerability in macOS High Sierra 10.13. Impact: An attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://www.kb.cert.org/vuls/id/113765 https://support.apple.com/en-us/HT208315


Juniper Junos Space CVE-2017-10622 Authentication Bypass Vulnerability

Description: An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3 Impact: An attacker can...

Read more


Multiple Cisco Products CVE-2017-12277 Remote Command Injection Vulnerability

Description: A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. The vulnerability is due to insufficient input validation of certain...

Read more


CVE-2017-12301: Cisco NX-OS Software Python Parser Escape Vulnerability

Description: The vulnerability exists due to insufficient sanitization of user-supplied parameters that are passed to certain Python functions within the scripting sandbox of the affected device. An attacker could exploit this vulnerability to escape the scripting sandbox and execute arbitrary commands on the underlying operating system with the privileges of...

Read more


Page 1 of 1812345...10...Last »