Security Advisories & Alerts


ISC BIND announced CVE-2017-3145: Improper fetch cleanup sequencing in the resolver can cause named to crash

Description: CVE-2017-3145 is a denial-of-service vector which can potentially be exploited against ISC BIND servers, causing them to crash. The underlying flaw has existed since BIND 9.0.0 but is not known to be reachable in any version prior to those containing the fix for CVE-2017-3137 [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1], and...

Read More


Cisco Unified Customer Voice Portal Denial of Service Vulnerability (CVE-2018-0086)

Description: A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during communications with the Cisco Virtualized Voice Browser (VVB). An attacker could exploit this vulnerability by sending malformed SIP...

Read More


Cisco Email Security and Content Security Management Appliance Privilege Escalation Vulnerability (CVE-2018-0095)

Description: A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a privilege level of a guest user. The vulnerability is due to an incorrect networking configuration...

Read More


Cisco NX-OS Software Pong Packet Denial of Service Vulnerability (CVE-2018-0102)

Description: A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software attempts to free the same area of memory twice. An attacker could exploit this vulnerability by sending a pong request to an affected device from...

Read More


Critical Alert: A Vulnerability in HP Printer Products Could Allow for Arbitrary Code Execution (CVE-2017-2741)

Description: A vulnerability has been discovered in HP products, which could allow for arbitrary code execution. Depending on the printer’s placement on the network, an attacker could potentially install programs; view, change, or delete data; or create new accounts with full user rights. Impact: This vulnerability could potentially be exploited to execute arbitrary code. System affected : HP PageWide Managed MFP P57750dw, J9V82A, J9V82B, J9V82C,...

Read More


Critical Alert: Cisco Adaptive Security Appliance RCE and Denial of Service Vulnerability (CVE-2018-0101)

Description: A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. Impact: The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An...

Read More


Mozilla Releases Security Update!

Description: Mozilla! has released security updates to address multiple vulnerabilities for the following software : Firefox ESR 52.6 Firefox 58 Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/ https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/


Apple Releases Security Updates !

Description: Apple has released security updates to address vulnerabilities in multiple products. The following is titled under this update : Safari 11.0.3 watchOS 4.2.2 iOS 11.2.5 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan tvOS 11.2.5 Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory...

Read More


Oracle Critical Patch Update – January 2018

Description:  A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Impact: A remote attacker could exploit some of these vulnerabilities to obtain...

Read More


Adobe Releases Security Updates

Description:  Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address an important out-of-bounds read vulnerability that could lead to information exposure. Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/flash-player/apsb18-01.html


Page 47 of 65« First...102030...4546474849...60...Last »