VU#730261: Marvell Avastar wireless SoCs have multiple vulnerabilities
A presentation at the ZeroNights 2018 conference describes multiple security issues with Marvell Avastar SoCs(models …
VU#395981: Self-encrypting hard drives do not adequately protect data
CVE-2018-12037 There is no cryptographic relation between the password provided by the end user and the key used for the encryption of user …
VU#465632: Microsoft Exchange 2013 and newer are vulnerable to NTLM relay attacks
Microsoft Exchange supports a API called Exchange Web Services(EWS). One of the EWS API functions is called PushSubscription,which can be …
VU#756913: Pixar Tractor contains a stored cross-site scripting vulnerability
Pixar’s Tractor software,versions 2.2 and earlier,contain a stored cross-site scripting vulnerability(CWE-79)in the field that allows a …
VU#317277: Texas Instruments CC2640 and CC2650 microcontrollers vulnerable to heap overflow and insecure update
CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer CVE-2018-16986 – also known as BLEEDINGBIT The following …
VU#531281: Microsoft Windows DNS servers are vulnerable to heap overflow
CWE-122:Heap-based Buffer Overflow – CVE-2018-8626 Microsoft Windows Domain Name System(DNS)servers are vulnerable to heap overflow …
VU#289907: Microsoft Windows Kernel Transaction Manager (KTM) is vulnerable to a race condition
CWE-362:Concurrent Execution using Shared Resource with Improper Synchronization(‘Race Condition’)- CVE-2018-8611 According to …
VU#741315: Dokan file system driver contains a stack-based buffer overflow
CWE-121:Stack-based Buffer Overflow – CVE-2018-5410 Dokan,versions between 1.0.0.5000 and 1.2.0.1000,are vulnerable to a stack-based buffer …
VU#228297: Microsoft Windows MsiAdvertiseProduct function vulnerable to privilege escalation via race condition
The Microsoft Windows MsiAdvertiseProduct function allows a Windows installer product to generate a script to advertise a product to …
VU#741315: A Dokan file driver contains a stack-based buffer overflow
CWE-121:Stack-based Buffer Overflow – CVE-2018-5410 Dokan,versions between 1.0.0.5000 and 1.2.0.1000,are vulnerable to a stack-based buffer …
VU#573168: Microsoft Internet Explorer scripting engine JScript memory corruption vulnerability
Microsoft Internet Explorer contains a scripting engine,which handles execution of scripting languages such as VBScript and JScript. The …
VU#756913: Pixars Tractor contains a stored cross-site scripting vulnerability
CWE-79:Improper Neutralization of Input During Web Page Generation – CVE-2018-5411 Pixar’s Tractor software,versions 2.2 and …
VU#395981: Self-Encrypting Drives Have Multiple Vulnerabilities
CVE-2018-12037 There is no cryptographic relation between the password provided by the end user and the key used for the encryption of user …
VU#317277: Texas Instruments Microcontrollers CC2640 and CC2650 are vulnerable to heap overflow
Texas Instruments Microcontrollers CC2640 and CC2650 are vulnerable to heap …
VU#317277: Texas Instrument Microcontrollers CC2640 and CC2650 are vulnerable to variable and heap overflow.
Texas Instrument Microcontrollers CC2640 and CC2650 are vulnerable to variable and heap …
VU#339704: Cisco ASA and FTD SIP Inspection denial-of-service vulnerability
Cisco Adaptive Security Appliance(ASA)Software and Cisco Firepower Threat Defense(FTD)software fails to properly parse SIP traffic,whcih …
Phishing is still the most commonly used attack on organizations, survey says
The survey found that the majority of cyberattacks – 75% – came from outsiders, while 25% were due to insiders. Cybercrooks are the …
VU#176301: Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App
Auto-Maskin RP remote panels and DCU controls units are used to monitor and control ship engines. The units have several authentication and …