Vulnerability & Threat Report

Microsoft Windows SMB Server Could Allow for Remote Code Execution (CVE-2020-0796) – Security Advisory

/
SUBJECT: A Vulnerability in Microsoft Windows SMB Server Could…

Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00241)

/
Multiple potential security vulnerabilities in Intel Active Management Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service. Vulnerability Detection Result

CentOS Update for bpftool CESA-2018:3651 centos7

/
The remote host is missing an update for the 'bpftool' package(s) announced via the CESA-2018:3651 advisory.

CVE-2018-15454 (Cisco SIP) Exploit Information

/
From October 2018, NCCIC analysts have observed network traffic indicating attempts, by unknown actors against multiple government agencies, to exploit a vulnerability [CVE-2018-15454] in the Session Initiation Protocol (SIP) inspection engine of Cisco ASA Software and Cisco FTD Software.

Ruby2.3 Security Update – CVE-2018-16395 CVE-2018-16396

/
Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems:

Armis Discovers “BLEEDINGBIT,” Two Critical Chip-Level Vulnerabilities

/
Armis, the enterprise IoT security company, today announced the discovery of two critical vulnerabilities related to the use of Bluetooth Low Energy (BLE) chips made by Texas Instruments (TI), and used in Cisco, Meraki and Aruba wireless access points, called "BLEEDINGBIT."

CVE-2018-17914

/
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2.

p-smash DoS (ICMP 9 flood)

/
p-smash DoS (ICMP 9 flood) Vulnerability Severity p-smash…

Mozilla Firefox Multiple Vulnerabilities-01 May15 (Mac OS X)

/
Mozilla Firefox Multiple Vulnerabilities-01 May15 (Mac OS X)