Ukraine Sees Surge in Election-Targeted Cyberattacks
From DHS/US-CERT’s National Vulnerability Database CVE-2018-19009
PUBLISHED: 2019-01-25
Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local access to the system containing the PNOZmulti Configurator software to view sensitive credential data in clear-text. This sensitive data is applicable to only the PMI m107 diag HMI device. An attacker with …
CVE-2018-19021
PUBLISHED: 2019-01-25
A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to cause a denial of service.
CVE-2018-19023
PUBLISHED: 2019-01-25
Hetronic Nova-M radio control systems prior to version r161 use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.
CVE-2018-16881
PUBLISHED: 2019-01-25
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.
CVE-2019-3819
PUBLISHED: 2019-01-25
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up and a denial of service. Versions from …
Read More HERE