Thursday, August 22, 2019
F5 Networks

MySQL vulnerabilities CVE-2019-2752, CVE-2019-2755, CVE-2019-2757, CVE-2019-2758, and CVE-2019-2774

MySQL vulnerabilities CVE-2019-2752, CVE-2019-2755, CVE-2019-2757, CVE-2019-2758, and CVE-2019-2774 Security Advisory Security Advisory Description CVE-2019-2752 Vulnerability in the MySQL Server ...
F5 Networks

MySQL vulnerabilities CVE-2019-2830, CVE-2019-2834, and CVE-2019-3822

MySQL vulnerabilities CVE-2019-2830, CVE-2019-2834, and CVE-2019-3822 Security Advisory Security Advisory Description CVE-2019-2830 Vulnerability in the MySQL Server component of Oracle MySQL ( ...
F5 Networks

MySQL vulnerabilities CVE-2019-2740, CVE-2019-2741, CVE-2019-2743, CVE-2019-2746, and CVE-2019-2747

MySQL vulnerabilities CVE-2019-2740, CVE-2019-2741, CVE-2019-2743, CVE-2019-2746, and CVE-2019-2747 Security Advisory Security Advisory Description CVE-2019-2740 Vulnerability in the MySQL Server ...
F5 Networks

MySQL vulnerabilities CVE-2019-2815, CVE-2019-2819, CVE-2019-2822, and CVE-2019-2826

MySQL vulnerabilities CVE-2019-2815, CVE-2019-2819, CVE-2019-2822, and CVE-2019-2826 Security Advisory Security Advisory Description CVE-2019-2815 Vulnerability in the MySQL Server component of ...
F5 Networks

MySQL vulnerabilities CVE-2019-2808, CVE-2019-2810, CVE-2019-2811, CVE-2019-2812, and CVE-2019-2814

MySQL vulnerabilities CVE-2019-2808, CVE-2019-2810, CVE-2019-2811, CVE-2019-2812, and CVE-2019-2814 Security Advisory Security Advisory Description CVE-2019-2808 Vulnerability in the MySQL Server ...
F5 Networks

MySQL vulnerabilities CVE-2019-2791, CVE-2019-2795, CVE-2019-2796, CVE-2019-2797, and CVE-2019-2798

MySQL vulnerabilities CVE-2019-2791, CVE-2019-2795, CVE-2019-2796, CVE-2019-2797, and CVE-2019-2798 Security Advisory Security Advisory Description CVE-2019-2791 Vulnerability in the MySQL Server ...
F5 Networks

MySQL vulnerabilities CVE-2019-2800, CVE-2019-2801, CVE-2019-2802, CVE-2019-2803, and CVE-2019-2805

MySQL vulnerabilities CVE-2019-2800, CVE-2019-2801, CVE-2019-2802, CVE-2019-2803, and CVE-2019-2805 Security Advisory Security Advisory Description CVE-2019-2800 Vulnerability in the MySQL Server ...
F5 Networks

MySQL vulnerabilities CVE-2019-2778, CVE-2019-2780, CVE-2019-2784, CVE-2019-2785, and CVE-2019-2789

MySQL vulnerabilities CVE-2019-2778, CVE-2019-2780, CVE-2019-2784, CVE-2019-2785, and CVE-2019-2789 Security Advisory Security Advisory Description CVE-2019-2778 Vulnerability in the MySQL Server ...
F5 Networks

BIG-IP DNS and GTM DNSSEC security exposure

BIG-IP DNS and GTM DNSSEC security exposure Security Advisory Security Advisory Description The BIG-IP DNSSEC implementation returns an incorrect NSEC3 record for a DNS query for an RR type, which ...
F5 Networks

Multiple MySQL vulnerabilities

Multiple MySQL vulnerabilities Security Advisory Security Advisory Description CVE-2019-2730 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
F5 Networks

HTTP/2 Settings Flood vulnerability CVE-2019-9515

HTTP/2 Settings Flood vulnerability CVE-2019-9515 Security Advisory Security Advisory Description Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of ...
F5 Networks

HTTP/2 Ping Flood vulnerability CVE-2019-9512

HTTP/2 Ping Flood vulnerability CVE-2019-9512 Security Advisory Security Advisory Description Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service.
F5 Networks

HTTP/2 Reset Flood vulnerability CVE-2019-9514

HTTP/2 Reset Flood vulnerability CVE-2019-9514 Security Advisory Security Advisory Description Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service.
F5 Networks

HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518

HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518 Security Advisory Security Advisory Description Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to ...
F5 Networks

HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517

HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517 Security Advisory Security Advisory Description CVE-2019-9511 Some HTTP/2 implementations are vulnerable to ...
F5 Networks

Multiple RTOS vulnerabilities

Multiple RTOS vulnerabilities Security Advisory Security Advisory Description CVE-2019-12255 Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the TCP component (issue 1 of 4). This is a ...
F5 Networks

iControl REST and tmsh vulnerability CVE-2019-6621

iControl REST and tmsh vulnerability CVE-2019-6621 Security Advisory Security Advisory Description On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, 11.6.1-11.6.3.4, ...
F5 Networks

F5 tmsh vulnerability CVE-2019-6642

F5 tmsh vulnerability CVE-2019-6642 Security Advisory Security Advisory Description Authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to ...
F5 Networks

BIND vulnerability CVE-2018-5743

BIND vulnerability CVE-2018-5743 Security Advisory Security Advisory Description ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a ...
F5 Networks

BIND vulnerability CVE-2019-6471

BIND vulnerability CVE-2019-6471 Security Advisory Security Advisory Description ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a ...
SecurityWeek

Ready or Not, Here Comes FIDO: How to Prepare for Success

Planning and Preparation Are Key to Successfully Adopting FIDO Standards for “Simpler, Stronger Authentication” read more
SecurityWeek

Amazon, Microsoft, May be Putting World at Risk of Killer AI, Says Report

Amazon, Microsoft and Intel are among leading tech companies that could spearhead a global AI arms race, according to a report that surveyed major players from the sector about their stance on lethal autonomous weapons. read more
The Register

The Joy of Six… critical security patches: Cisco small biz switches open to hijacking via web UI

Turn it on, download these fixes, crank it up – and rip the KNOB off Cisco has emitted a fresh round of software updates to address security holes in its network switches and controllers.…

New FISMA Report Shows Progress, Gaps in Federal Cybersecurity

No major incidents mixed with continuing gaps in implementation paint an improving, but still muddy, picture of cybersecurity in the federal government.
ZDNet

A botnet has been cannibalizing other hackers’ web shells for more than a year

Neutrino botnet is hijacking servers by taking over other hackers' PHP and Java web shells.