K000133616 : Node.js vulnerability CVE-2023-23919

Security Advisory Description A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases does not clear the OpenSSL error stack after operations ... More info: https://my.f5.com/manage/s/article/K000133616?utm_source=f5support&utm_medium=RSS

K000133612 : OpenJDK vulnerability CVE-2023-21939

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle ... More info: https://my.f5.com/manage/s/article/K000133612?utm_source=f5support&utm_medium=RSS

SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=SNMP%20Remote%20Code%20Execution%20Vulnerabilities%20in%20Cisco%20IOS%20and%20IOS%20XE%20Software&vs_k=1

K49419538 : libxml2 vulnerability CVE-2016-4658

Security Advisory Description xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid ... More info: https://my.f5.com/manage/s/article/K49419538?utm_source=f5support&utm_medium=RSS

K19785240 : Bootstrap vulnerability CVE-2018-14042

Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. (CVE-2018-14042) Impact An attacker may exploit this vulnerability to perform a ... More info: https://my.f5.com/manage/s/article/K19785240?utm_source=f5support&utm_medium=RSS

K24383845 : Bootstrap vulnerability CVE-2019-8331

Security Advisory Description In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. (CVE-2019-8331) Impact An attacker can inject a ... More info: https://my.f5.com/manage/s/article/K24383845?utm_source=f5support&utm_medium=RSS

K48382137 : Bootstrap vulnerability CVE-2018-14040

Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. (CVE-2018-14040) Impact An attacker may exploit this vulnerability to perform a ... More info: https://my.f5.com/manage/s/article/K48382137?utm_source=f5support&utm_medium=RSS

K05380109 : Bootstrap vulnerability CVE-2018-14041

Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. (CVE-2018-14041) Impact An attacker may exploit this vulnerability to perform a ... More info: https://my.f5.com/manage/s/article/K05380109?utm_source=f5support&utm_medium=RSS

Bring Your Own Backdoor: How Vulnerable Drivers Let Hackers In

Bring Your Own Vulnerable Driver (BYOVD) techniques are not new; they can be traced back at least as far as 2012 and the Shamoon wiper that targeted Saudi Aramco. The attack used the RawDisk driver, which could manipulate hard drives from user space without any special permissions. This access enabled the malicious actor to erase data … The post Bring Your Own Backdoor: How Vulnerable Drivers Let Hackers In appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2023/04/bring-your-own-backdoor-how-vulnerable-drivers-let-hackers-in.html?utm_source=rss&utm_medium=rss&utm_campaign=bring-your-own-backdoor-how-vulnerable-drivers-let-hackers-in