Pierluigi Paganini
July 10, 2020
Juniper Networks addressed several vulnerabilities in its firewalls, most of them can be exploited by attackers for denial-of-service (DoS) attacks. Juniper Networks addressed several vulnerabilities in its products, most of them can be exploited by attackers for denial-of-service (DoS) attacks. Half a dozen of the flaws are DoS issues that have been rated high severity. […]
Pierluigi Paganini
July 10, 2020
Two security researchers have found undocumented Telnet admin account accounts in 29 FTTH devices from Chinese vendor C-Data. Two security researchers have discovered undocumented Telnet admin account accounts in 29 Fiber-To-The-Home (FTTH) devices from Chinese vendor C-Data. The CDATA OLTs are sold under different brands, including Cdata, OptiLink, V-SOL CN, and BLIY. Some of the […]
Pierluigi Paganini
July 02, 2020
Cisco announced that it has patched several vulnerabilities affecting its products, including security issues in Small Business routers and switches. Cisco has addressed eight vulnerabilities affecting its products, including flaws in Small Business routers and switches. The most severe flaw, tracked as CVE-2020-3297, affects Small Business and managed switches, it has been rated by Cisco as […]
Pierluigi Paganini
June 24, 2020
VMware addressed 10 vulnerabilities affecting its ESXi, Workstation and Fusion products, including critical and high-severity code issues on the hypervisor. VMware has addressed 10 vulnerabilities affecting ESXi, Workstation and Fusion products, including critical and high-severity issues that can be exploited by attackers to execute arbitrary code on the hypervisor. The most serious issue is a […]
Pierluigi Paganini
April 21, 2020
The OpenSSL Project has released a security update for OpenSSL that addresses a DoS vulnerability tracked as CVE-2020-1967. The OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. This is the first issue addressed in OpenSSL in […]
Pierluigi Paganini
March 18, 2020
VMware released security updates to address high severity privilege escalation and DoS in the Workstation, Fusion, VMware Remote Console and Horizon Client. VMware has released security updates to address high severity privilege escalation and denial-of-service (DoS) flaws in the Workstation, Fusion, Remote Console and Horizon Client. The two security vulnerabilities have been tracked as CVE-2020-3950 and CVE-2020-3951 respectively. The CVE-2020-3950 is […]
Pierluigi Paganini
February 12, 2020
Siemens issued Patch Tuesday updates for February 2020 that fixed serious denial-of-service (DoS) flaws in several of its products. Siemens released Patch Tuesday updates for February 2020 that address serious denial-of-service (DoS) flaws in several of its products. According to the advisories released by the vendor, a high-severity DoS flaw affects Siemens SIMATIC PCS 7, […]
Pierluigi Paganini
January 30, 2020
Cisco addressed high-severity flaws in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Cisco released security patches to addressed high-severity vulnerabilities in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Both issues could be exploited […]
Pierluigi Paganini
December 19, 2019
The Drupal development team released versions 7.69, 8.7.11 and 8.8.1, which address several vulnerabilities, including a serious file processing issue. Drupal developers have released versions 7.69, 8.7.11 and 8.8.1, which address several vulnerabilities, including a serious file processing issue. The most serious issue is related to the Archive_Tar third-party library, it has been assigned a […]
Pierluigi Paganini
December 16, 2019
Schneider Electric addressed several vulnerabilities in some Modicon controllers and several EcoStruxure products. Schneider Electric addresses three denial-of-service (DoS) vulnerabilities Schneider Electric Modicon M580, M340, Quantum and Premium controllers. The vendor has informed its customers that all three flaws are caused by improper check for unusual or exceptional conditions. The three vulnerabilities are: The first […]
