'Picnic' Passes Test for Protecting IoT From Quantum Hacks



From Dark Reading:

 

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2019-7753
PUBLISHED: 2019-02-12

Verydows 2.0 has XSS via the index.php?m=api&c=stats&a=count referrer parameter.

CVE-2019-5595
PUBLISHED: 2019-02-12

In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed.

CVE-2019-5596
PUBLISHED: 2019-02-12

In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain …

CVE-2019-3923
PUBLISHED: 2019-02-12

Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user’s browser se…

CVE-2018-9582
PUBLISHED: 2019-02-11

In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the unknown source warning due to a confused deputy scenario. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation…

 

 

The original content can be found here: 'Picnic' Passes Test for Protecting IoT From Quantum Hacks

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.