Security News
Vulnerabilities recently patched in Mini-SNMPD could be abused for denial-of-service attacks or to obtain sensitive information, Cisco Talos' security researchers report. It works on both x86 and ARM platforms running Ubuntu, Alpine Linux, and FreeBSD. Talos' researchers discovered a total of three vulnerabilities in Mini-SNMPD, including two out-of-bounds read bugs and one stack overflow.
Cisco this week informed customers that some of its Small Business Switches are affected by high-severity vulnerabilities that can be exploited to obtain sensitive device information and to launch denial-of-service attacks. The information disclosure vulnerability is caused by the lack of proper authentication controls and it can be exploited by sending specially crafted HTTP requests to the user interface of an affected switch.
Android’s December 2019 updates arrived this week, patching a small list of system and Qualcomm flaws across the operating system’s two patch levels.
One of the vulnerabilities Google addressed in Android with the December 2019 set of monthly patches is a critical vulnerability that could result in a permanent denial of service. read more
The December security update stomped out critical denial-of-service (DoS) and remote-code-execution (RCE) vulnerabilities in the Android operating system.
A group of security researchers from German universities has devised a new class of web cache poisoning attacks that could render victim services unreachable. read more
The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit.
A couple of vulnerabilities affecting the TwinCAT PLC runtime from Beckhoff can be exploited for denial-of-service (DoS) attacks, which may be triggered by malicious actors or by accident. read more
The bug was first found in 2016.
A firmware update NETGEAR recently released for the N300 series routers addresses two denial-of-service (DoS) vulnerabilities found by security researchers at Cisco’s Talos group. Tracked as...