Skip to content

Home Early Warning System Issues
Issues
Vulnerability in Glibc Affects Multiple F5 Products
Wednesday, 17 April 2019 12:00

A glibc heap-based buffer over-read vulnerability was reported in multiple F5 products. An attacker may run arbitrary code or cause a denial-of-service (DoS) on the affected system. No fix/mitigation was available at the time of this entry.

 
Microsoft Edge and IE Browsers Zero-Days Vulnerabilities
Tuesday, 02 April 2019 12:00

Two zero-day vulnerabilities were reported in Microsoft's web browsers, one of which affects the latest version of Microsoft Internet Explorer and another affects the latest Edge Browser. Both vulnerabilities allow a remote attacker to bypass same-origin policy on victim's web browser. PoC for both the zero-days have been made publicly available, but no patch was avaialbe at the time of this entry. Users are advised to use other web brothers that are not affected by these vulnerabilities.

 
Vulnerability in GNU C Affects Multiple F5 Products
Wednesday, 27 March 2019 14:00

A vulnerability was reported in GNU C Library in multiple F5 products. An attacker can exploit this vulnerability to cause a denial of service on the affected system. No patch was available at the time of this entry. To mitigate this vulnerability, users should permit connectivity access to the affected F5 products only over a secure network and restrict access to the affected systems to only trusted users.

 
Mitigation for a Privilege Escalation Vulnerability in Microsoft Exchange Server
Thursday, 07 February 2019 21:00

Microsoft has released a security advisory with mitigation for an elevation of privilege vulnerability in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server. Users are strongly encouraged to test workarounds prior to deploying them into production to understand the potential impact.

 
Microsoft Exchange Server 2013 and Newer Remote Privilege Escalation Vulnerability
Tuesday, 29 January 2019 18:00

A vulnerability was reported in Microsoft Exchange Server 2013 and Newer. An attacker that has credentials for an Exchange mailbox and also has the ability to communicate with both a Microsoft Exchange server and a Windows domain controller may be able to gain domain administrator privileges. No patch was available at the time of this entry. Users can apply mitigations in the blog post.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 142
[YOUR IP: 3.80.223.123: 50400] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...