MG Strategy+ - Foundation LogoSEC

MG Strategy+

Cybersecurity Data Services

Join Now-Sign Up
Log In

SEC

Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
MGS+ EPCM Workgroup
MGS+ ICS Workgroup
MGS+ Operational Efficiencies Workgroup
MGS+ Partners
Uncategorized

001 MGS Alerts Advisories

Oracle Database up to 19.2 Oracle Application Express cross site scripting
A vulnerability has been found in Oracle Database up to 19.2 (Database Software) and classified as critical. This vulnerability affects some unknown processing of the component Oracle Application Express. Upgrading ... read more
Oracle Database up to 19.2 Oracle Application Express unknown vulnerability
A vulnerability was found in Oracle Database up to 19.2 (Database Software) and classified as critical. This issue affects an unknown function of the component Oracle Application Express. Upgrading eliminates ... read more
Oracle Database up to 19.2 Oracle Application Express unknown vulnerability
A vulnerability was found in Oracle Database up to 19.2 (Database Software). It has been classified as critical. Affected is an unknown functionality of the component Oracle Application Express. Upgrading ... read more
Updated FFIEC ‘Business Continuity’ handbook highlights planning
... read more
Oracle Database up to 19.2 Oracle Application Express cross site scripting
A vulnerability, which was classified as critical, has been found in Oracle Database up to 19.2 (Database Software). Affected by this issue is an unknown code of the component Oracle ... read more
Oracle Database up to 19.2 Oracle Application Express unknown vulnerability
A vulnerability, which was classified as critical, was found in Oracle Database up to 19.2 (Database Software). This affects an unknown code block of the component Oracle Application Express. Upgrading ... read more
Oracle Database 18c GeoRaster out-of-bounds write
A vulnerability classified as critical was found in Oracle Database 18c (Database Software). Affected by this vulnerability is an unknown part of the component GeoRaster. Upgrading eliminates this vulnerability. A ... read more
81.467
Modified (6)Adware/Android_Dowgin!AndroidAdware/Dnotua!AndroidAdware/Joyad!AndroidAdware/MobiDash!AndroidAdware/Notifyer!AndroidRiskware/Seldor!Android ]]> ... read more
Critical Vulnerability in Oracle WebLogic Server (CERT-EU Security Advisory 2020-053)
In October, within the monthly Critical Patch Update Advisory addressing hundreds of vulnerabilities, Oracle released an update about a critical vulnerability affecting WebLogic Server. This vulnerability may allow unauthenticated attackers ... read more
Oracle Database 18c Core RDBMS numeric error
A vulnerability was found in Oracle Database 18c (Database Software). It has been rated as critical. This issue affects an unknown functionality of the component Core RDBMS. Upgrading eliminates this ... read more
Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1/18c/19c Data Pump unknown vulnerability
A vulnerability classified as critical has been found in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1/18c/19c (Database Software). Affected is some unknown functionality of the component Data Pump. Upgrading eliminates this vulnerability. A possible ... read more
Security automation tools and analytics reshape SecOps efforts
... read more
SAP Disclosure Management 10.1 Session Expiration session expiration
A vulnerability, which was classified as critical, was found in SAP Disclosure Management 10.1. This affects an unknown functionality of the component Session Expiration. There is no information about possible ... read more
Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1/18c/19c Java VM unknown vulnerability
A vulnerability was found in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1/18c/19c (Database Software). It has been declared as critical. This vulnerability affects an unknown function of the component Java VM. Upgrading eliminates this ... read more
Oracle Database 12.2.0.1/18c/19c MapViewer access control
A vulnerability was found in Oracle Database 12.2.0.1/18c/19c (Database Software). It has been classified as critical. This affects some unknown processing of the component MapViewer. Upgrading eliminates this vulnerability. A ... read more
SAP Disclosure Management 10.1 Session Expiration session expiration
A vulnerability has been found in SAP Disclosure Management 10.1 and classified as critical. This vulnerability affects some unknown functionality of the component Session Expiration. There is no information about ... read more
SAP Disclosure Management 10.1 session fixiation [CVE-2020-6290]
A vulnerability, which was classified as critical, has been found in SAP Disclosure Management 10.1. Affected by this issue is an unknown function. There is no information about possible countermeasures ... read more
CVE-2020-4588
IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579. ... read more
CVE-2020-4584
IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in ... read more
CVE-2020-4782 (websphere_application_server)
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot ... read more
CVE-2020-4767 (sterling_connect:direct)
IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a ... read more
CVE-2020-16140 (greenmart)
The search functionality of the Greenmart theme 2.4.2 for WordPress is vulnerable to XSS. ... read more
Adobe Flash – it’s the end of the end of the end of the road at last
The journey to the end of Flash. Are we there yet? ... read more
This Week in Security News: Trend Micro Researcher Uncover Two Espionage Backdoors Associated with Operation Earth Kitsune and Trickbot and Ransomware Attackers Plan Big Hit on U.S. Hospitals
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how ... read more
IBM Resilient SOAR 38.0 unbekannte Schwachstelle [CVE-2020-4864]
In IBM Resilient SOAR 38.0 wurde eine kritische Schwachstelle gefunden. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz eines alternativen Produkts bietet sich im Zweifelsfall an. ... read more
codemirror bis 5.58.1 Regular Expression erweiterte Rechte
Eine Schwachstelle wurde in codemirror bis 5.58.1 gefunden. Sie wurde als kritisch eingestuft. Davon betroffen ist eine unbekannte Funktion der Komponente Regular Expression Handler. Ein Upgrade auf die Version 5.58.2 ... read more
Pimcore bis 6.8.2 relationIds SQL Injection
In Pimcore bis 6.8.2 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Hierbei betrifft es ein unbekannter Ablauf. Ein Aktualisieren auf die Version 6.8.3 vermag dieses Problem zu lösen. ... read more
F5 BIG-IP bis 11.6.5.2/12.1.5.2/13.1.3.4 IPSec Tunnel schwache Verschlüsselung
Es wurde eine Schwachstelle in F5 BIG-IP bis 11.6.5.2/12.1.5.2/13.1.3.4 (Firewall Software) gefunden. Sie wurde als problematisch eingestuft. Dabei betrifft es ein unbekannter Prozess der Komponente IPSec Tunnel Handler. Ein Upgrade ... read more
F5 BIG-IP AFM bis 15.1.0.5 Traffic Management Microkernel Denial of Service
Eine Schwachstelle wurde in F5 BIG-IP AFM bis 15.1.0.5 (Firewall Software) entdeckt. Sie wurde als problematisch eingestuft. Dies betrifft eine unbekannte Verarbeitung der Komponente Traffic Management Microkernel. Ein Aktualisieren vermag ... read more
Big BIG-IP LTM bis 12.1.5.1/13.1.3.4/14.1.2.7/15.1.0.5 Traffic Management Microkernel Denial of Service
In Big BIG-IP LTM bis 12.1.5.1/13.1.3.4/14.1.2.7/15.1.0.5 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Das betrifft ein unbekannter Codeblock der Komponente Traffic Management Microkernel. Ein Upgrade vermag dieses Problem ... read more
F5 BIG-IP bis 13.1.3.3/14.1.2.3/15.1.0.5 MQTT Traffic Denial of Service
Es wurde eine Schwachstelle in F5 BIG-IP bis 13.1.3.3/14.1.2.3/15.1.0.5 (Firewall Software) entdeckt. Sie wurde als problematisch eingestuft. Es betrifft unbekannter Code der Komponente MQTT Traffic Handler. Ein Aktualisieren vermag dieses ... read more
F5 BIG-IP APM bis 13.1.3.3/14.1.2.3/15.1.0.5 SLO URL Denial of Service
Eine problematische Schwachstelle wurde in F5 BIG-IP APM bis 13.1.3.3/14.1.2.3/15.1.0.5 (Firewall Software) ausgemacht. Hierbei geht es um unbekannter Programmcode der Komponente SLO URL Handler. Ein Upgrade vermag dieses Problem zu ... read more
F5 BIG-IP bis 11.6.5.2/12.1.5.2/13.1.3.4/14.1.2.3/15.1.0.5 OneConnect Profile Denial of Service
Eine problematische Schwachstelle wurde in F5 BIG-IP bis 11.6.5.2/12.1.5.2/13.1.3.4/14.1.2.3/15.1.0.5 (Firewall Software) gefunden. Es geht hierbei um eine unbekannte Funktionalität der Komponente OneConnect Profile Handler. Ein Aktualisieren vermag dieses Problem zu ... read more
F5 BIG-IP bis 11.6.5.1/12.1.5.1/13.1.3.4/14.1.2.3/15.1.0.5 HTTP Compression Denial of Service
In F5 BIG-IP bis 11.6.5.1/12.1.5.1/13.1.3.4/14.1.2.3/15.1.0.5 (Firewall Software) wurde eine problematische Schwachstelle ausgemacht. Dabei geht es um ein unbekannter Codeteil der Komponente HTTP Compression Handler. Ein Aktualisieren vermag dieses Problem zu ... read more
F5 BIG-IP ASM bis 15.1.0.5 Configuration Utility Cross Site Scripting
Es wurde eine problematische Schwachstelle in F5 BIG-IP ASM bis 15.1.0.5 (Firewall Software) ausgemacht. Es geht dabei um ein unbekannter Teil der Komponente Configuration Utility. Ein Upgrade vermag dieses Problem ... read more
81.466
Modified (10)Adware/DblStr!AndroidAdware/DrdDream!AndroidAdware/MobiDash!AndroidAndroid/Agent.FAG!trAndroid/Agent.QO!tr.dldrAndroid/Banker.AOJ!tr.spyAndroid/Dialer.AB!trAndroid/Piom.AFFO!trAndroid/Triada.DR!triOS/Vortex.A!exploit ]]> ... read more
Big BIG-IP LTM up to 12.1.5.1/13.1.3.4/14.1.2.7/15.1.0.5 Traffic Management Microkernel resource consumption
A vulnerability classified as problematic was found in Big BIG-IP LTM up to 12.1.5.1/13.1.3.4/14.1.2.7/15.1.0.5. This vulnerability affects an unknown functionality of the component Traffic Management Microkernel. Upgrading eliminates this vulnerability. ... read more
F5 BIG-IP up to 13.1.3.3/14.1.2.3/15.1.0.5 MQTT Traffic denial of service
A vulnerability classified as problematic has been found in F5 BIG-IP up to 13.1.3.3/14.1.2.3/15.1.0.5 (Firewall Software). This affects an unknown function of the component MQTT Traffic Handler. Upgrading eliminates this ... read more
F5 BIG-IP APM up to 13.1.3.3/14.1.2.3/15.1.0.5 SLO URL denial of service
A vulnerability was found in F5 BIG-IP APM up to 13.1.3.3/14.1.2.3/15.1.0.5 (Firewall Software). It has been rated as problematic. Affected by this issue is some unknown processing of the component ... read more
Pimcore up to 6.8.2 relationIds sql injection
A vulnerability has been found in Pimcore up to 6.8.2 and classified as critical. Affected by this vulnerability is an unknown code. Upgrading to version 6.8.3 eliminates this vulnerability. The ... read more
F5 BIG-IP up to 11.6.5.2/12.1.5.2/13.1.3.4 IPSec Tunnel inadequate encryption
A vulnerability, which was classified as problematic, was found in F5 BIG-IP up to 11.6.5.2/12.1.5.2/13.1.3.4 (Firewall Software). Affected is an unknown part of the component IPSec Tunnel Handler. Upgrading eliminates ... read more
codemirror up to 5.58.1 Regular Expression incorrect regex
A vulnerability was found in codemirror up to 5.58.1 and classified as critical. Affected by this issue is an unknown code block of the component Regular Expression Handler. Upgrading to ... read more
F5 BIG-IP AFM up to 15.1.0.5 Traffic Management Microkernel denial of service
A vulnerability, which was classified as problematic, has been found in F5 BIG-IP AFM up to 15.1.0.5 (Firewall Software). This issue affects some unknown functionality of the component Traffic Management ... read more
IBM Resilient SOAR 38.0 vulnerabilità sconosciuta [CVE-2020-4864]
Un punto critico di livello critico è stato rilevato in IBM Resilient SOAR 38.0. Informazioni riguardo una possibile contromisura non sono al momento disponibili. Si suggerisce di sostituire il prodotto ... read more
Pimcore fino 6.8.2 relationIds sql injection
Un punto critico di livello critico è stato rilevato in Pimcore fino 6.8.2. É interessato una funzione sconosciuta. L'aggiornamento alla versione 6.8.3 elimina questa vulnerabilità. L'aggiornamento è scaricabile da github.com. ... read more
IBM i2 Analyst Notebook 9.2.0/9.2.1 buffer overflow [CVE-2020-4724]
Una vulnerabilità di livello critico è stata rilevata in IBM i2 Analyst Notebook 9.2.0/9.2.1. Interessato da questa vulnerabilità è una funzione sconosciuta. Informazioni riguardo una possibile contromisura non sono al ... read more
F5 BIG-IP fino 11.6.5.2/12.1.5.2/13.1.3.4 IPSec Tunnel crittografia debole
Una vulnerabilità di livello problematico è stata rilevata in F5 BIG-IP fino 11.6.5.2/12.1.5.2/13.1.3.4 (Firewall Software). Da questa vulnerabilità è interessato una funzione sconosciuta del componente IPSec Tunnel Handler. L'aggiornamento elimina ... read more
F5 BIG-IP AFM fino 15.1.0.5 Traffic Management Microkernel denial of service
In F5 BIG-IP AFM fino 15.1.0.5 (Firewall Software) stata rilevata una vulnerabilità di livello problematico. Interessato da questa vulnerabilità è una funzione sconosciuta del componente Traffic Management Microkernel. L'aggiornamento elimina ... read more
Big BIG-IP LTM fino 12.1.5.1/13.1.3.4/14.1.2.7/15.1.0.5 Traffic Management Microkernel denial of service
È stata rilevata una vulnerabilità di livello problematico in Big BIG-IP LTM fino 12.1.5.1/13.1.3.4/14.1.2.7/15.1.0.5. Riguarda una funzione sconosciuta del componente Traffic Management Microkernel. L'aggiornamento elimina questa vulnerabilità. ... read more
F5 BIG-IP APM fino 13.1.3.3/14.1.2.3/15.1.0.5 SLO URL denial of service
Un punto di debole di livello problematico è stato rilevato in F5 BIG-IP APM fino 13.1.3.3/14.1.2.3/15.1.0.5 (Firewall Software). Da questa vulnerabilità è interessato una funzione sconosciuta del componente SLO URL ... read more

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Friday, October 30, 2020

Disclaimer |
Terms |
Privacy
About-Services |
Blog-Reports
YouTube
Pinterest
LinkedIn
Twitter
LinkedIn
Twitter
Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Hello

Your Account Type is
Your Mail Id is
Your Username is

PDF Library Search

Security Briefing Search

Foundation Logo Search

Reset Password

Reset Password

You have no permission to access this content