Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19794PUBLISHED: 2019-12-13The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.
CVE-2019-19795PUBLISHED: 2019-12-13samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file.
CVE-2019-19796PUBLISHED: 2019-12-13Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file.
CVE-2019-5253PUBLISHED: 2019-12-13
E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability. The device does not perform a sufficient authentication when doing certain operations, successful exploit could allow an attacker to cause the device to reboot after launch a man in the middle att...
CVE-2019-5260PUBLISHED: 2019-12-13
Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vul...
User Rank: Ninja
1/28/2016 | 10:27:54 AM