Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.
Published at: May 21, 2020 at 04:15PM
View on website
Etiqueta: government
New vulnerability on the NVD: CVE-2020-10738
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remote code execution.
Published at: May 21, 2020 at 12:15PM
View on website
New vulnerability on the NVD: CVE-2020-10725
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`.
Published at: May 20, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2020-10726
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
Published at: May 20, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2019-5997
Video Insight VMS 7.5 and earlier allows remote attackers to conduct code injection attacks via unspecified vectors.
Published at: May 20, 2020 at 07:15AM
View on website
Educ Arte Económico 