Cisco fixed a vulnerability in IOE XE software that was introduced due to changes to its implementation of the BGP over an Ethernet VPN.
Cisco patches a DoS vulnerability in IOE XE software that was introduced due to changes to its implementation of the Border Gateway Protocol (BGP) over an Ethernet VPN.
The Cisco IOS XE operating system automates network op
WordPress developers fixed a serious SQL injection vulnerability on Tuesday with the release of version 4.8.3.. Apply it as soon as possible.
WordPress developers fixed a serious SQL injection vulnerability that was reported by the researcher Anthony Ferrara, VP of engineering at Lingo Live.
The issue was addressed on Tuesday with the release of version 4.8
Vendor: SpiderControlEquipment: SCADA Web ServerVulnerability: Improper Privilege ManagementAdvisory URLhttps://ipositivesecurity.com/2017/10/28/ics-spidercontrol-scada-web-server-improper-privilege-management-vulnerability/ICS-CERT Advisoryhttps://ics-cert.us-cert.gov/advisories/ICSA-17-250-01CVE-IDCVE-2017-12728------------------------AFFECTED PRODUCTS----
Publish At:
2017-10-31 07:10 |
Read:1196 | Comments:0 |
Tags:
Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256ESA-2017-141: EMC AppSync Hardcoded Password VulnerabilityEMC Identifier: ESA-2017-141CVE Identifier: CVE-2017-14376Severity Rating: CVSS v3 Base Score: 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)Affected products: EMC AppSync Server versions prior to 3.5.0.1Summary: EMC AppSync contains database accounts with ha
Publish At:
2017-10-31 07:10 |
Read:1328 | Comments:0 |
Tags:
Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256ESA-2017-137: EMC VMAX Virtual Appliance (vApp) Authentication Bypass VulnerabilityEMC Identifier: ESA-2017-137CVE Identifier: CVE-2017-14375Severity Rating: CVSSv3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)Affected products: *EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.15*EMC Sol
Publish At:
2017-10-31 07:10 |
Read:1100 | Comments:0 |
Tags:
Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256ESA-2017-134: RSA® Authentication Manager Security Update for Reflected Cross-Site Scripting VulnerabilityEMC Identifier: ESA-2017-134CVE Identifier: CVE-2017-14373Severity Rating: CVSSv3: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NAffected Products:RSA Authentication Manager 8.2 SP1 P4 and earlier Summary:RSA A
Publish At:
2017-10-27 15:20 |
Read:1048 | Comments:0 |
Tags:
Vulnerability
-------------------------------------------------------------Tuleap <= 9.6 Second-Order PHP Object Injection Vulnerability-------------------------------------------------------------[-] Software Links:https://www.tuleap.orghttps://www.enalean.com[-] Affected Versions:All versions from 5.0 to 9.6.[-] Vulnerability Description:The vulnerable code can be tr
Publish At:
2017-10-23 19:10 |
Read:824 | Comments:0 |
Tags:
Vulnerability
Cisco patched critical and high severity vulnerabilities in several products, including the Cloud Services Platform (CSP).
Cisco patched critical and high severity vulnerabilities in several products, including the Cloud Services Platform (CSP), the Firepower Extensible Operating System (FXOS) and NX-OS software, and some Small Business IP phones.
The most s
Overview
The WPA2 Protocol vulnerability allows attacker to decrypt the network traffic from the vulnerable device and it also allow to view the critical information, injecting the packets/data from the vulnerable devices. The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks and the researcher who found this vulnerability is no
=============================================- Release date: October 05th, 2017- Discovered by: Giovanni Cerrato, Giovanni Guido and BackBox team- Severity: Medium============================================= I. VULNERABILITY-------------------------Lansweeper XSS vulnerability. II. INTRODUCTION-------------------------Lansweeper an Asset Management and Netw
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256ESA-2017-112: EMC Network Configuration Manager Reflected Cross-Site Scripting VulnerabilityEMC Identifier: ESA-2017-112CVE Identifier: CVE-2017-8017Severity Rating: CVSSv3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)Affected products: * EMC Network Configuration Manager (NCM) 9.3.x* EMC Net
Publish At:
2017-10-07 06:20 |
Read:2537 | Comments:773 |
Tags:
Vulnerability
=============================================- Release date: October 06th, 2017- Discovered by: Barkın Kılıç, Mehmet Dursun İnce- Severity: High=============================================I. VULNERABILITY-------------------------Lansweeper XXE vulnerability.II. INTRODUCTION-------------------------Lansweeper an Asset Management and Network Inventory Tool (
Publish At:
2017-10-07 06:20 |
Read:2445 | Comments:0 |
Tags:
Vulnerability
Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters that addresses a critical vulnerability.
Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters to fix a critical vulnerability that can be exploited by remote attackers to bypass authentication and perform administrative actions on the device.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256ESA-2017-119: EMC Elastic Cloud Storage Undocumented Account VulnerabilityEMC Identifier: ESA-2017-119CVE Identifier: CVE-2017-8021Severity Rating: CVSS Base Score: 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H)Affected products: * EMC Elastic Cloud Storage all versions prior to 3.1Summary: EMC Elastic Cloud St
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256ESA-2017-115: EMC AppSync Host Plug-in Denial of Service VulnerabilityEMC Identifier: ESA-2017-115CVE Identifier: CVE-2017-8018Severity Rating: CVSS v3 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Affected products: EMC AppSync host plug-in versions 3.5 and below (Windows platform only)Summary:
Publish At:
2017-09-27 05:40 |
Read:1278 | Comments:0 |
Tags:
Vulnerability
Announce
Share high-quality web security related articles with you:)
Tools