Bluetooth – Encryption Key Negotiation of Bluetooth Vulnerability
Description: Bluetooth BR/EDR key negotiation vulnerability exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker would need specialized hardware and would be limited by the range of the Bluetooth devices in use.
Threat: An attacker who exploited the vulnerability could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes.
HTTP/2 –Server Denial of Service Vulnerability
Description: A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.
Threat: An attacker who exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive.
Adobe – Out of Bound Read
Description: Adobe has released updates for Photoshop CC to resolve multiple critical and important vulnerabilities which cloud lead to arbitrary code execution in the context of the current user.
Threat: A successful exploit of this vulnerability could lead to a memory leak.