Today’s business uses an average of 1,180 cloud apps¹, with many of those organizations securing their apps through cloud access security brokers (CASB). The organizational need for a CASB has grown alongside the use of cloud apps to enable remote work and greater user productivity. When security.....
-0.6AI Score
(RHSA-2021:0727) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.5AI Score
0.187EPSS
Fedora: Security Advisory for bind (FEDORA-2021-28f97e232d)
The remote host is missing an update for...
8.1CVSS
8.2AI Score
0.187EPSS
Fedora: Security Advisory for bind (FEDORA-2021-0595625865)
The remote host is missing an update for...
8.1CVSS
8.2AI Score
0.187EPSS
EulerOS Virtualization for ARM 64 3.0.6.0 : libdb (EulerOS-SA-2021-1555)
According to the version of the libdb packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to...
3.3CVSS
5.1AI Score
0.001EPSS
[SECURITY] Fedora 32 Update: bind-9.11.28-1.fc32
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
8.1CVSS
8.2AI Score
0.187EPSS
[SECURITY] Fedora 33 Update: bind-9.11.28-1.fc33
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
8.1CVSS
8.2AI Score
0.187EPSS
CentOS: Security Advisory for bind (CESA-2021:0671)
The remote host is missing an update for...
8.1CVSS
8.3AI Score
0.187EPSS
Fuzzing Image Parsing in Windows, Part Two: Uninitialized Memory
Continuing our discussion of image parsing vulnerabilities in Windows, we take a look at a comparatively less popular vulnerability class: uninitialized memory. In this post, we will look at Windows’ inbuilt image parsers—specifically for vulnerabilities involving the use of uninitialized memory......
6.5CVSS
0.5AI Score
0.194EPSS
CentOS Errata and Security Advisory CESA-2021:0671 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying...
8.1CVSS
8.4AI Score
0.187EPSS
(RHSA-2021:0694) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.5AI Score
0.187EPSS
(RHSA-2021:0693) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.5AI Score
0.187EPSS
(RHSA-2021:0692) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.5AI Score
0.187EPSS
(RHSA-2021:0691) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.5AI Score
0.187EPSS
Debian DLA-2578-1 : thunderbird security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. For Debian 9 stretch, these problems have been fixed in version 1:78.8.0-1~deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed...
8.8CVSS
-0.1AI Score
0.012EPSS
(RHSA-2021:0672) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.5AI Score
0.187EPSS
(RHSA-2021:0671) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.5AI Score
0.187EPSS
(RHSA-2021:0669) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.5AI Score
0.187EPSS
Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.1CVSS
2.2AI Score
0.187EPSS
(RHSA-2021:0670) Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
2.2AI Score
0.187EPSS
RHEL 8 : bind (RHSA-2021:0670)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0670 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a...
8.1CVSS
8.5AI Score
0.187EPSS
Debian DSA-4862-1 : firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information...
8.8CVSS
0.3AI Score
0.012EPSS
RHEL 7 : bind (RHSA-2021:0671)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0671 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a...
8.1CVSS
8.5AI Score
0.187EPSS
Debian DLA-2575-1 : firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. For Debian 9 stretch, these problems have been fixed in version 78.8.0esr-1~deb9u1. We recommend that you upgrade your...
8.8CVSS
-0.1AI Score
0.012EPSS
Ubuntu 20.10 : Thunderbird vulnerabilities (USN-4736-1)
The remote Ubuntu 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4736-1 advisory. When an HTTPS page was embedded in an HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the...
8.8CVSS
6.8AI Score
0.006EPSS
Releases Ubuntu 20.10 Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to...
8.8CVSS
8.7AI Score
0.006EPSS
On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, and all 12.1.x versions, when the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU.....
7.5CVSS
7.5AI Score
0.001EPSS
On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, and all 12.1.x versions, when the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU.....
7.5CVSS
0.001EPSS
On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, and all 12.1.x versions, when the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU.....
7.7AI Score
0.001EPSS
[SECURITY] Fedora 32 Update: cups-2.3.3op2-1.fc32
CUPS printing system provides a portable printing layer for UNIX operating systems. It has been developed by Apple Inc. to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
5.5CVSS
4.1AI Score
0.001EPSS
F5 Networks BIG-IP : BIG-IP ASM WebSocket vulnerability (K88230177)
The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.3 / 13.1.3.6 / 14.1.3.1 / 15.1.2 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K88230177 advisory. On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x...
7.5CVSS
7.6AI Score
0.001EPSS
Fedora: Security Advisory for cups (FEDORA-2021-db5caaeb91)
The remote host is missing an update for...
5.5CVSS
5.9AI Score
0.001EPSS
[SECURITY] Fedora 33 Update: czmq-4.2.1-1.fc33
CZMQ has the following goals: i) To wrap the ØMQ core API in semantics that are natural and lead to shorter, more readable applications. ii) To hide the differences between versions of ØMQ. iii) To provide a space for development of more sophisticated API...
2.9AI Score
K88230177 : BIG-IP ASM WebSocket vulnerability CVE-2021-22976
Security Advisory Description When the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. (CVE-2021-22976) Impact When this vulnerability is exploited, the BIG-IP ASM system may take....
7.5CVSS
6AI Score
0.001EPSS
Fedora: Security Advisory for cups (FEDORA-2021-ef84cd3f69)
The remote host is missing an update for...
5.5CVSS
5.9AI Score
0.001EPSS
[SECURITY] Fedora 33 Update: cups-2.3.3op2-1.fc33
CUPS printing system provides a portable printing layer for UNIX operating systems. It has been developed by Apple Inc. to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
5.5CVSS
4.1AI Score
0.001EPSS
Debian DLA-2539-1 : firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. For Debian 9 stretch, these problems have been fixed in version 78.7.0esr-1~deb9u1. We recommend that you upgrade your...
8.8CVSS
-0.1AI Score
0.006EPSS
Debian DLA-2541-1 : thunderbird security update
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or an information leak. For Debian 9 stretch, these problems have been fixed in version 1:78.7.0-1~deb9u1. We recommend that you upgrade your thunderbird packages. For the.....
8.8CVSS
8.5AI Score
0.006EPSS
Huawei EulerOS: Security Advisory for libdb (EulerOS-SA-2021-1150)
The remote host is missing an update for the Huawei...
3.3CVSS
4.3AI Score
0.001EPSS
EulerOS 2.0 SP8 : libdb (EulerOS-SA-2021-1150)
According to the version of the libdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and...
3.3CVSS
5.5AI Score
0.001EPSS
Updated db53 packages fix a security vulnerability
Vulnerability in the Data Store component of Oracle Berkeley DB. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in.....
3.3CVSS
5.3AI Score
0.001EPSS
Debian DSA-4840-1 : firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information...
8.8CVSS
0.3AI Score
0.006EPSS
Ubuntu 20.10 : Thunderbird vulnerabilities (USN-4701-1)
The remote Ubuntu 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4701-1 advisory. Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory...
8.8CVSS
8.8AI Score
0.004EPSS
Releases Ubuntu 20.10 Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to...
8.8CVSS
8.8AI Score
0.004EPSS
Debian DLA-2521-1 : firefox-esr security update
A security issue was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 9 stretch, this problem has been fixed in version 78.6.1esr-1~deb9u1. We recommend that you upgrade your firefox-esr packages. For the detailed security...
8.8CVSS
9AI Score
0.002EPSS
Debian DSA-4827-1 : firefox-esr - security update
A security issue was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary...
8.8CVSS
9.1AI Score
0.002EPSS
Sealed U.S. Court Records Exposed in SolarWinds Breach
The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the...
7AI Score
SoftMaker Office TextMaker Document Record 0x001f sign-extension vulnerability
Summary An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the...
7.8CVSS
0.1AI Score
0.002EPSS