ATENTION‼ New - CVE-2019-13995
📖 Read
via "National Vulnerability Database".
u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-13994
📖 Read
via "National Vulnerability Database".
u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-13992
📖 Read
via "National Vulnerability Database".
u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-10629
📖 Read
via "National Vulnerability Database".
u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-10628
📖 Read
via "National Vulnerability Database".
u'Memory can be potentially corrupted if random index is allowed to manipulate TLB entries in Kernel from user library' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, Bitra, MDM9205, MDM9650, MSM8998, Nicobar, QCA6390, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-10615
📖 Read
via "National Vulnerability Database".
u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of keymaster bob which can lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-10596
📖 Read
via "National Vulnerability Database".
u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Nicobar, QCS605, QCS610, Rennell, SA6155P, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-10562
📖 Read
via "National Vulnerability Database".
u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-10527
📖 Read
via "National Vulnerability Database".
u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6574AU, QCA8081, QCM2150, QCN7605, QCN7606, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-13903
📖 Read
via "National Vulnerability Database".
u'Error in UE due to race condition in EPCO handling' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150📖 Read
via "National Vulnerability Database".
🕴 8 Frequently Asked Questions on Organizations' Data Protection Programs 🕴
📖 Read
via "Dark Reading: ".
Adherence to data protection regulations requires a multidisciplinary approach that has the commitment of all employees. Expect to be asked questions like these.📖 Read
via "Dark Reading: ".
Dark Reading
8 Frequently Asked Questions on Organizations' Data Protection Programs
Adherence to data protection regulations requires a multidisciplinary approach that has the commitment of all employees. Expect to be asked questions like these.
❌ Bug in Google Maps Opened Door to Cross-Site Scripting Attacks ❌
📖 Read
via "Threatpost".
A researcher discovered a cross-site scripting flaw in Google Map's export function, which earned him $10,000 in bug bounty rewards.📖 Read
via "Threatpost".
Threat Post
Bug in Google Maps Opened Door to Cross-Site Scripting Attacks
A researcher discovered a cross-site scripting flaw in Google Map's export function, which earned him $10,000 in bug bounty rewards.
❌ Cryptobugs Found in Numerous Google Play Store Apps ❌
📖 Read
via "Threatpost".
A new dynamic tool developed by Columbia University researchers flagged cryptography mistakes made in more than 300 popular Android apps.📖 Read
via "Threatpost".
Threat Post
Cryptobugs Found in Numerous Google Play Store Apps
A new dynamic tool developed by Columbia University researchers flagged cryptography mistakes made in more than 300 popular Android apps.
🕴 Post-COVID-19 Cybersecurity Spending Update 🕴
📖 Read
via "Dark Reading: ".
Security spending growth will slow in 2020, but purse strings are looser than for other areas of IT.📖 Read
via "Dark Reading: ".
Dark Reading
Post-COVID-19 Security Spending Update
Security spending growth will slow in 2020, but purse strings are looser than for other areas of IT.
🔐 How SMBs are overcoming key challenges in cybersecurity 🔐
📖 Read
via "Security on TechRepublic".
Small and midsized businesses cited budget constraints as their biggest security obstacle, according to Untangle.📖 Read
via "Security on TechRepublic".
TechRepublic
How SMBs are overcoming key challenges in cybersecurity
Small and midsized businesses cited budget constraints as their biggest security obstacle, according to Untangle.
❌ Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers ❌
📖 Read
via "Threatpost".
Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches.📖 Read
via "Threatpost".
Threat Post
Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers
Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches.
🕴 VPNs: The Cyber Elephant in the Room 🕴
📖 Read
via "Dark Reading: ".
While virtual private networks once boosted security, their current design doesn't fulfill the evolving requirements of today's modern enterprise.📖 Read
via "Dark Reading: ".
Dark Reading
VPNs: The Cyber Elephant in the Room
While virtual private networks once boosted security, their current design doesn't fulfill the evolving requirements of today's modern enterprise.
🕴 Google Cloud Expands Confidential Computing Lineup 🕴
📖 Read
via "Dark Reading: ".
Google plans to build out its Confidential Computing portfolio with the launch of Confidential GKE Nodes for Kubernetes workloads.📖 Read
via "Dark Reading: ".
Dark Reading
Google Cloud Expands Confidential Computing Lineup
Google plans to build out its Confidential Computing portfolio with the launch of Confidential GKE Nodes for Kubernetes workloads.
🕴 WordPress Plug-in Has Critical Zero-Day 🕴
📖 Read
via "Dark Reading: ".
The vulnerability in WordPress File Manager could allow a malicious actor to take over the victim's website.📖 Read
via "Dark Reading: ".
Darkreading
WordPress Plug-in Has Critical Zero-Day
The vulnerability in WordPress File Manager could allow a malicious actor to take over the victim's website.
🔏 Following Data Theft, NJ Hacker Sentenced 🔏
📖 Read
via "Subscriber Blog RSS Feed ".
The hacker admitted last year that he broke into two companies – one his former employer – and stole more than 15,000 files.📖 Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Following Data Theft, NJ Hacker Sentenced
The hacker admitted last year that he broke into two companies – one his former employer – and stole more than 15,000 files.
❌ Critical Intel Active Management Technology Flaw Allows Privilege Escalation ❌
📖 Read
via "Threatpost".
The critical Intel vulnerability could allow unauthenticated attackers gain escalated privileges on Intel vPro corporate systems.📖 Read
via "Threatpost".
Threat Post
Critical Intel Active Management Technology Flaw Allows Privilege Escalation
The critical Intel vulnerability could allow unauthenticated attackers gain escalated privileges on Intel vPro corporate systems.