Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Firewalls Inspection Rules Denial of Service Vulnerability
Summary Affected Products Indicators of Compromise Workarounds Fixed Software Source:
Cisco Identity Services Engine Command Injection Vulnerabilities
Summary Affected Products Details Workarounds Fixed Software Source:
Cisco IOS XE Software Web UI Feature
Summary Affected Products Details Indicators of Compromise Workarounds Fixed Software Recommendations
CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
SummaryCisco has provided an update regarding the ongoing investigation into the observed exploitation of the web UI feature in Cisco IOS XE Software. The initial fixed software releases are now available on the Cisco Software Download Center. Cisco will continue to update the advisory as…
VMware Releases Security Updates for Aria Operations for Networks
3a. Vulnerability: Aria Operations for Networks Authentication Bypass (CVE-2023-34039) 3b. Vulnerability: Aria Operations for Networks Arbitrary File Write (CVE-2023-20890)
Oracle Releases Security Updates
Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July 2023 to address vulnerabilities affecting multiple products. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. Oracle Linux Bulletin – July 2023…
ISC Releases Security Advisories for Multiple Versions of BIND 9
The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions. CISA encourages users and administrators to review the following…
Fortinet Releases Security Updates for FortiOS and FortiProxy
Fortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and FortiProxy. An attacker could exploit this vulnerability to take control of an affected system. Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign Affected Platforms: FortiOSImpacted Users: Targeted at government, manufacturing,…
Mitsubishi Electric MELSEC Series CPU module
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition or execute malicious code on a target product by sending specially crafted packets. The attacker needs to understand the internal structure of products to…
USN-2196-1: Linux kernel vulnerability
Releases Packages Details A flaw was discovered in the Linux kernel’s pseudo tty (pty) device. Anunprivileged user could exploit this flaw to cause a denial of service(system crash) or potentially gain administrator privileges. Reduce your security exposure Ubuntu Pro provides ten-year security coverage to 25,000+…
Stay connected