Monthly
Insuffient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised HV to trigger an out of bounds condition without RMP checks resulting in a. Rated medium severity (CVSS 5.6).
Denial of service in Cisco Secure Firewall Threat Defense via crafted SSL packets allows unauthenticated remote attackers to crash the Snort 3 Detection Engine through a memory management logic error during SSL inspection. An attacker can exploit this vulnerability by sending malicious SSL packets through an established connection, forcing the detection engine to unexpectedly restart and interrupt security monitoring. No patch is currently available for this medium-severity issue.
Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.
Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could result in application denial-of-service. An attacker could leverage this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Insuffient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised HV to trigger an out of bounds condition without RMP checks resulting in a. Rated medium severity (CVSS 5.6).
Denial of service in Cisco Secure Firewall Threat Defense via crafted SSL packets allows unauthenticated remote attackers to crash the Snort 3 Detection Engine through a memory management logic error during SSL inspection. An attacker can exploit this vulnerability by sending malicious SSL packets through an established connection, forcing the detection engine to unexpectedly restart and interrupt security monitoring. No patch is currently available for this medium-severity issue.
Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.
Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could result in application denial-of-service. An attacker could leverage this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.