Security Advisories & Alerts

Critical Patches Issued for Microsoft Products, May 8, 2018

Description: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for code execution. There are reports of a remote code execution vulnerability (CVE-2018-8174) being actively exploited in the wild as part of a cyber-espionage campaign. Impact: Successful exploitation of the most severe of these...

Read more

Multiple Dell EMC Products CVE-2018-1239 Multiple Remote Command Injection Vulnerabilities

Description: Multiple Dell EMC Products are prone to multiple remote command-injection vulnerabilities. Dell EMC Unity Operating Environment (OE) versions prior to are affected by multiple OS command injection vulnerabilities. Impact: A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on...

Read more

Apple Swift CVE-2018-4220 Arbitrary Code Execution Vulnerability

Description: Apple Swift is prone to an arbitrary code-execution vulnerability. Impact: A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Mitigation: Updates are available. Please see the references or vendor advisory for more...

Read more

Multiple Devices Integrated GPUs CVE-2018-10229 Security Bypass Vulnerability

Description: A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API. Impact: Upon visiting a malicious or compromised website with a vulnerable device, an attacker may be able to bypass security features provided by the web browser. Mitigation: Apply...

Read more

QEMU CVE-2017-15124 Denial of Service Vulnerability

Description: VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto...

Read more

OpenStack Nova CVE-2017-18191 Local Denial of Service Vulnerability

Description: An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error...

Read more

Page 12 of 35« First...1011121314...2030...Last »