Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable devices. Cybersecurity vendor Juniper Networks addressed a critical vulnerability in Junos OS, tracked as CVE-2021-0254, that could allow an attacker to remotely hijack or disrupt affected devices. This flaw stems from the improper buffer size […]
Citrix addressed vulnerabilities in Hypervisor that could be exploited by threat actors to execute code in a virtual machine to trigger a denial of service condition on the host. US CISA warns that Citrix has released security updates to address flaws in Hypervisor that could be exploited by threat actors to execute code in a […]
The OpenSSL Project addresses two high-severity vulnerabilities, including one related to verifying a certificate chain and one that can trigger a DoS condition. The OpenSSL Project this week released version 1.1.1k to address two high-severity vulnerabilities, respectively tracked as CVE-2021-3450 and CVE-2021-3449. The CVE-2021-3449 vulnerability could be exploited to trigger a DoS condition by sending a […]
IBM has released security patches to address high- and medium-severity vulnerabilities impacting some of its enterprise solutions. IBM has released security updates to address several high- and medium-severity flaws affecting some of its enterprise products, including IBM Java Runtime, IBM Planning Analytics Workspace, and IBM Kenexa LMS On Premise. Two issues, tracked as CVE-2020-14782 and […]
A security researcher discovered a flaw in the F5 BIG-IP product that can be exploited to conduct denial-of-service (DoS) attacks. The security expert Nikita Abramov from Positive Technologies discovered a DoS vulnerability, tracked as CVE-2020-27716, that affects certain versions of F5 BIG-IP Access Policy Manager (APM). The F5 BIG-IP Access Policy Manager is a secure, flexible, […]
Microsoft Patch Tuesday security updates for January 2021 address 83 vulnerabilities, including a critical flaw actively exploited in the wild. Microsoft Patch Tuesday security updates for January 2021 fix 83 security vulnerabilities in multiple products, including Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Office and Microsoft Office Services and Web Apps, Visual Studio, Microsoft Malware Protection Engine, […]
An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack. Andrey Medov, a security researcher at Positive Technologies, found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could be exploited by attackers to hack into corporate networks. The flaws, tracked as CVE-2020-29015, CVE-2020-29016, CVE-2020-29018, and […]
The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL Project warned of a ‘high-severity’ security vulnerability in the TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The flaw is a null pointer dereference, successful exploitation could trigger denial-of-service conditions. The vulnerability was reported […]
Cisco Talos found several remotely exploitable denial-of-service (DoS) vulnerabilities in a Rockwell Automation industrial automation product. A researcher from Cisco Talos released technical details of several remotely exploitable denial-of-service (DoS) vulnerabilities in an industrial automation product made by Rockwell Automation. The product affected by the flaw is the Allen-Bradley 1794-AENT Flex I/O series B adapter, […]
The INVDoS (Bitcoin Inventory Out-of-Memory Denial-of-Service)Attack would have allowed hackers to crash Bitcoin nodes and alternative chains. Two years ago, the Bitcoin protocol engineer Braydon Fuller. discovered a major uncontrolled memory resource consumption denial-of-service vulnerability (INVDoS), tracked as CVE-2018-17145, that affected the peer-to-peer network code of three implementations of Bitcoin and other blockchains, including Litecoin, Namecoin, […]