stevejennings - Dark Reading

Hot Topics

Editors' Choice

6

Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push

Kelly Sheridan, Staff Editor, Dark Reading, 8/8/2018

1

White Hat to Black Hat: What Motivates the Switch to Cybercrime

Kelly Sheridan, Staff Editor, Dark Reading, 8/8/2018

1

PGA of America Struck By Ransomware

Dark Reading Staff 8/9/2018

Live Events

Webinars

More UBM Tech
Live Events

INsecurity Conference - An Event Like No Other

Black Hat Trainings - October 22 & 23

Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

White Papers

Beginner's Guide to Brute Force & DDoS Attacks

[Case Study] How GM works with hackers to enhance their security

Vulnerability Disclosure Policy (VDP) Basics

Hacker-Powered Pen Tests and the Power of More

The Fileless Attack Checklist

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Now about that mortgage refinance offer from Wells Fargo .....

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT and Cybersecurity

IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!

Download Now!

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-3937
PUBLISHED: 2018-08-14

An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2018-3938
PUBLISHED: 2018-08-14

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST r...

CVE-2018-12537
PUBLISHED: 2018-08-14

In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response.

CVE-2018-12539
PUBLISHED: 2018-08-14

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on Windows,...

CVE-2018-3615
PUBLISHED: 2018-08-14

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.

Profile for stevejennings