Security Advisories & Alerts


Cisco Releases Security Updates for Multiple Products

Description: Cisco has released updates to address vulnerabilities affecting multiple products. Impact:  A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Cisco has released software updates that address this vulnerability. Please see the references or vendor advisory for more information. References: Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability cisco-sa-20180620-nxos-bo Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary...

Read More


Intel Releases Security Advisory on Lazy FP State Restore Vulnerability

Description: Intel has released recommendations to address a vulnerability—dubbed Lazy FP state restore—affecting Intel Core-based microprocessors. System software may utilize the Lazy FP state restore technique to delay the restoring of state until an instruction operating on that state is actually executed by the new process. Systems using Intel® Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore...

Read More


Cisco Releases Security Updates

Description: Cisco has released updates to address vulnerabilities affecting multiple products. Impact:  A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Cisco has released software updates that address this vulnerability. Please see the references or vendor advisory for more information. Reference URL’s: Digital Network Architecture Center Static Credentials Vulnerability cisco-sa-20180516-dnac Digital Network Architecture Center Authentication Bypass Vulnerability cisco-sa-20180516-dna2 Digital Network...

Read More


Red Hat Addresses DHCP Client Vulnerability

Description: Red Hat has released security updates to address a vulnerability in its Dynamic Host Configuration Protocol (DHCP) client packages for Red Hat Enterprise Linux 6 and 7. Impact: An attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://bugzilla.redhat.com/show_bug.cgi?id=1567974 https://access.redhat.com/security/cve/cve-2018-1111 https://access.redhat.com/security/vulnerabilities/3442151


Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

Description: Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Impact: Successful exploitation of the most severe of these vulnerabilities could...

Read More


Critical Patches Issued for Microsoft Products, May 8, 2018

Description: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for code execution. There are reports of a remote code execution vulnerability (CVE-2018-8174) being actively exploited in the wild as part of a cyber-espionage campaign. Impact: Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user....

Read More


Critical Alert: A Vulnerability in Adobe Flash Player Could Allow for Arbitrary Code Execution (APSB18-16)

Description: A vulnerability has been discovered in Adobe Flash Player, which could allow for arbitrary code execution. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages. Impact: Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the user running the application. Depending on...

Read More


Multiple Dell EMC Products CVE-2018-1239 Multiple Remote Command Injection Vulnerabilities

Description: Multiple Dell EMC Products are prone to multiple remote command-injection vulnerabilities. Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. Impact: A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed. Mitigation: Updates are available. Please see the...

Read More


Apple Swift CVE-2018-4220 Arbitrary Code Execution Vulnerability

Description: Apple Swift is prone to an arbitrary code-execution vulnerability. Impact: A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208804 https://lists.apple.com/archives/security-announce/2018/May/msg00000.html https://www.securityfocus.com/bid/104085/info https://swift.org/


Multiple Devices Integrated GPUs CVE-2018-10229 Security Bypass Vulnerability

Description: A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API. Impact: Upon visiting a malicious or compromised website with a vulnerable device, an attacker may be able to bypass security features provided by the web browser. Mitigation: Apply an update. Google Chrome and Mozilla Firefox have released updates which disable high precision timers...

Read More


Page 43 of 66« First...102030...4142434445...5060...Last »