Archive_Tar vulnerabilities CVE-2020-28948 and CVE-2020-28949
Archive_Tar vulnerabilities CVE-2020-28948 and CVE-2020-28949 Security Advisory Security Advisory Description CVE-2020-28948 Archive_Tar through 1.4.10 allows an unserialization attack because ...
QEMU vulnerability CVE-2020-27617
QEMU vulnerability CVE-2020-27617 Security Advisory Security Advisory Description eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can ...
Jetty vulnerability CVE-2019-10247
Jetty vulnerability CVE-2019-10247 Security Advisory Security Advisory Description In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running ...
Intel CPU vulnerability CVE-2020-0591
Intel CPU vulnerability CVE-2020-0591 Security Advisory Security Advisory Description Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to ...
Intel CPU vulnerability CVE-2020-0592
Intel CPU vulnerability CVE-2020-0592 Security Advisory Security Advisory Description Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to ...
The BIG-IP system may not interpret an HTTP request the same way the target web server interprets it
The BIG-IP system may not interpret an HTTP request the same way the target web server interprets it Security Advisory Security Advisory Description This issue occurs when all of the following ...
systemd vulnerability CVE-2018-15686
systemd vulnerability CVE-2018-15686 Security Advisory Security Advisory Description A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re- ...
Intel software vulnerabilities CVE-2020-8754, CVE-2020-8757, CVE-2020-8760, CVE-2020-12356
Intel software vulnerabilities CVE-2020-8754, CVE-2020-8757, CVE-2020-8760, CVE-2020-12356 Security Advisory Security Advisory Description CVE-2020-8754 Out-of-bounds read in subsystem for Intel(R ...
Intel software vulnerabilities CVE-2020-8750 CVE-2020-12355
Intel software vulnerabilities CVE-2020-8750 CVE-2020-12355 Security Advisory Security Advisory Description CVE-2020-8750 Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1. ...
Intel software vulnerabilities CVE-2020-8705, CVE-2020-8744, CVE-2020-8745, CVE-2020-8756
Intel software vulnerabilities CVE-2020-8705, CVE-2020-8744, CVE-2020-8745, CVE-2020-8756 Security Advisory Security Advisory Description CVE-2020-8705 Insecure default initialization of resource ...
Intel software vulnerabilities CVE-2020-8746, CVE-2020-8747, CVE-2020-8749, CVE-2020-8752, CVE-2020-8753
Intel software vulnerabilities CVE-2020-8746, CVE-2020-8747, CVE-2020-8749, CVE-2020-8752, CVE-2020-8753 Security Advisory Security Advisory Description CVE-2020-8746 Integer overflow in subsystem ...
Intel software vulnerabilities CVE-2020-12297, CVE-2020-12304, CVE-2020-12354
Intel software vulnerabilities CVE-2020-12297, CVE-2020-12304, CVE-2020-12354 Security Advisory Security Advisory Description CVE-2020-12297 Improper access control in Installer for Intel(R) CSME ...
Intel software vulnerabilities CVE-2020-8751, CVE-2020-8755, CVE-2020-8761, CVE-2020-12303
Intel software vulnerabilities CVE-2020-8751, CVE-2020-8755, CVE-2020-8761, CVE-2020-12303 Security Advisory Security Advisory Description CVE-2020-8751 Insufficient control flow management in ...
Intel SSD vulnerabilities CVE-2020-0584, CVE-2020-12309, CVE-2020-12310, CVE-2020-12311
Intel SSD vulnerabilities CVE-2020-0584, CVE-2020-12309, CVE-2020-12310, CVE-2020-12311 Security Advisory Security Advisory Description CVE-2020-0584 Buffer overflow in firmware for Intel(R) SSD ...
The BIG-IP DNS/GTM system may be exposed to DNS hijacking when the BIG-IP system host name belongs to a public domain name that the BIG-IP owner does not control
The BIG-IP DNS/GTM system may be exposed to DNS hijacking when the BIG-IP system host name belongs to a public domain name that the BIG-IP owner does not control Security Advisory Security ...
Linux kernel vulnerabilities CVE-2020-8694 and CVE-2020-8695
Linux kernel vulnerabilities CVE-2020-8694 and CVE-2020-8695 Security Advisory Security Advisory Description CVE-2020-8694 Insufficient access control in the Linux kernel driver for some Intel(R) ...
iControl REST vulnerability CVE-2020-5943
iControl REST vulnerability CVE-2020-5943 Security Advisory Security Advisory Description When a BIG-IP object is created or listed through the REST interface, the protected fields are obfuscated ...
TMM FastL4 vulnerability CVE-2019-6680
TMM FastL4 vulnerability CVE-2019-6680 Security Advisory Security Advisory Description While processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), ...
BIG-IQ system interface vulnerability CVE-2020-5944
BIG-IQ system interface vulnerability CVE-2020-5944 Security Advisory Security Advisory Description Accessing the DoS Summary events and DNS Overview pages in the BIG-IQ system interface returns ...
The BIG-IP system may fail to properly parse HTTP headers that are prepended by whitespace (non RFC2616 compliant)
The BIG-IP system may fail to properly parse HTTP headers that are prepended by whitespace (non RFC2616 compliant) Security Advisory Security Advisory Description The BIG-IP system may fail to ...
Top 20 Predictions Of How AI Is Going To Improve Cybersecurity In 2021
What 20 Leading Cybersecurity Experts Are Predicting For 2021
Italy Says Two Arrested for Defense Data Theft
Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday.
The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...
The US Used the Patriot Act to Justify Logging Website Users
Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.
Ransomware hits helicopter maker Kopter
Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
Ransomware gangs are now cold-calling victims if they restore from backups without paying
Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
