Security Advisory Description CVE-2020-14779 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: ...
More info:
https://my.f5.com/manage/s/article/K000135507?utm_source=f5support&utm_medium=RSS
Security Advisory Description If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of ...
More info:
https://my.f5.com/manage/s/article/K000135504?utm_source=f5support&utm_medium=RSS
Security Advisory Description CVE-2021-33643 An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_ ...
More info:
https://my.f5.com/manage/s/article/K000135439?utm_source=f5support&utm_medium=RSS
VMware Carbon Black Is Focused on One Thing: Security Helping our customers win the fight against ransomware and other cyber threats is our most important mandate. At VMware Carbon Black, we believe this is a fight you can win–and we can help you by tilting the scales in your favor. That is why as a … ContinuedThe post We Believe Customer Value is Built on Innovation and Investment appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2023/07/we-believe-customer-value-is-built-on-innovation-and-investment.html?utm_source=rss&utm_medium=rss&utm_campaign=we-believe-customer-value-is-built-on-innovation-and-investment
A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance. This vulnerability is due to insufficient request validation when using the REST API feature. An attacker could exploit this vulnerability by sending a crafted API request to an affected vManage instance. A successful
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-unauthapi-sphCLYPA?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20%20SD-WAN%20vManage%20Unauthenticated%20REST%20API%20Access%20Vulnerability&vs_k=1
Security Advisory Description A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, ...
More info:
https://my.f5.com/manage/s/article/K000135446?utm_source=f5support&utm_medium=RSS
Security Advisory Description A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial ...
More info:
https://my.f5.com/manage/s/article/K000135433?utm_source=f5support&utm_medium=RSS
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the implementation of the ciphers that are used by the CloudSec encryption feature on affected switches. An attacker with an on-path position between the ACI sites could exploit this vulnerability by intercepting intersite encrypted
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ACI%20Multi-Site%20CloudSec%20Encryption%20Information%20Disclosure%20Vulnerability&vs_k=1
A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-privesc-yw4ekrXW?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20BroadWorks%20Privilege%20Escalation%20Vulnerability&vs_k=1
A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this vulnerability by accessing the logs on an affected system and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to view sensitive information
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-auth-info-JgkSWBLz?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Duo%20Authentication%20Proxy%20Information%20Disclosure%20Vulnerability&vs_k=1
