SYMSA1467-Linux Kernel Aug 2017 – Sep 2018 Vulnerabilities
Symantec Network Protection products that include a vulnerable version of the Linux kernel are susceptible to multiple vulnerabilities. A remote attacker, with access to the management interface, can obtain unauthorized read/write access to local files, cause denial of service,...
SYMSA1462-OpenSSL Vulnerabilities 16-Apr-2018 and 12-Jun-2018
Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A malicious SSL/TLS server can send large DH parameters during connections using DH/DHE cipher suites and cause denial-of-service in the SSL/TLS client. A local attacker can...
SYMSA1443- SA166: OpenSSL Vulnerabilities 27-Mar-2018
Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can forge cryptographic messages and cause denial of service through application crashes.
SYMSA1451- SA165: NTP Vulnerabilities February 2018
Symantec Network Protection products using affected versions of the NTP reference implementation from ntp.org are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code, modify the target's system time, prevent the target from...
SYMSA1428-SA159: OpenSSL Vulnerabilities 7-Dec-2017
Symantec Network Protection products using affected versions of OpenSSL are susceptible to two security vulnerabilities. A remote attacker can obtain Diffie-Hellman private key information and sensitive information accidentally transmitted in plaintext over an SSL/TLS connection.
SYMSA1423-SA157: OpenSSL Vulnerabilities 28-Aug-2017 and 2-Nov-2017
Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can send a crafted X.509 certificate to cause unspecified impact. They can exploit, under certain circumstances, a computational flaw in the Montgomery squaring...
SYMSA1404-SA148: Linux Kernel Vulnerabilities Feb-Apr 2017
Symantec Network Protection products that include a vulnerable version of the Linux kernel are susceptible to multiple vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to execute arbitrary code. The attacker can also...
SYMSA1397-SA144 : OpenSSH Vulnerabilities January 2017
Blue Coat products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker with access to an SSH server can exploit these vulnerabilities to execute arbitrary code on an SSH client. A local attacker can also...
SYMSA1377-SA129 : Multiple libxml2 Vulnerabilities
Blue Coat products that include a vulnerable version of the libxml2 library are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and cause denial of service through memory corruption.
SYMSA1374-SA128 : Multiple PCRE Vulnerabilities
Blue Coat products that include vulnerable versions of the PCRE and GLib2 libraries are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. The attacker can also cause denial...
SYMSA1350-SA113 : January 2016 NTP Security Vulnerabilities
Blue Coat products using affected versions of the NTP software distribution from ntp.org are susceptible to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to set the victim's system time to an arbitrary value or cause it to...
SYMSA1335-SA103 : October 2015 NTP Security Vulnerabilities
Blue Coat products using affected 4.2 versions of the NTP software distribution from ntp.org are susceptible to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to cause denial of service due to application crashes, memory corruption and memory...
SYMSA1317-SA91 : FREAK Attack
The FREAK attack allows an attacker to substantially degrade the strength of the encryption used in SSL/TLS connections using CVE-2015-0204 previously reported as part of SA88. Blue Coat products using affected versions of OpenSSL or that enable export grade...
SYMSA1315-SA88 : OpenSSL Security Advisory 08-Jan-2015
Blue Coat products using affected versions of OpenSSL 1.0.1, 1.0.0, and 0.9.8 are vulnerable to one or more vulnerabilities. A remote attacker may exploit these vulnerabilities to cause a downgrade of the security of the session, a loss of...
Linux kernel vulnerability CVE-2018-18021
Linux kernel vulnerability CVE-2018-18021. Security Advisory. Security Advisory Description. arch/arm64/kvm/guest.c in ...
SYMSA1323-SA92 : OpenSSL Security Advisory 19-Mar-2015
Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, 1.0.0, and 0.9.8 are vulnerable to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to cause a denial of service, memory corruption, or to decrypt an encrypted session...
Linux kernel vulnerability CVE-2018-14678
Linux kernel vulnerability CVE-2018-14678. Security Advisory. Security Advisory Description. An issue was discovered in ...
January 2019 OpenSSH security vulnerabilities
January 2019 OpenSSH security vulnerabilities. Security Advisory. Security Advisory Description. In January 2019, a security ...
OpenSSH vulnerability CVE-2019-6111
OpenSSH vulnerability CVE-2019-6111. Security Advisory. Security Advisory Description. ** RESERVED ** This candidate ...
OpenSSH vulnerability CVE-2019-6110
OpenSSH vulnerability CVE-2019-6110. Security Advisory. Security Advisory Description. ** RESERVED ** This candidate ...
Websites can steal browser data via extensions APIs
Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
6 Reasons We Need to Boost Cybersecurity Focus in 2019
Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency
Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information as well...
DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week
Trump dominated security headlines this week, but there's plenty of other news to catch up on.
Bulgaria Extradites Russian Hacker to US: Embassy
Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday.
read more
