235 matches found
BELL-CVE-2020-1971 CVE-2020-1971 does not affect BellSoft software
Bulletin has no description...
Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerability CVE-2020-1971
Summary There is a vulnerability CVE-2020-1971 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an EDIPARTYNAME, ...
openssl security update
1.0.1e-59.0.4 - Backport fixes for CVE-2023-0286 Orabug: 35212597 1.0.1e-59.0.3 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug...
CVE-2023-1971
creationtimestamp| type| source ---|---|--- 2023-04-10 20:27:40+00:00| seen| https://t.me/cibsecurity/61779 2023-11-30 09:17:01+00:00| seen| https://t.me/arpsyndicate/808...
CVE-2023-1971 yuan1994 tpAdmin Upload.php remote server-side request forgery
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to laun...
CVE-2023-1971
CVE-2023-1971 affects yuan1994 tpAdmin 1.3.12. Affected component: the remote() function in application/admin/controller/Upload.php, where manipulation of the url argument enables server-side request forgery (SSRF). Exploitation can be performed remotely, and public disclosures exist (VDB-225408)...
Debian: Security Advisory (DSA-1971-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : ImageMagick (ALAS-2023-1971)
The version of ImageMagick installed on the remote host is prior to 6.9.10.68-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1971 advisory. An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in...
K42910051: OpenSSL vulnerability CVE-2020-1971
Security Advisory Description The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not...
SA44676 - December 08 2020 OpenSSL Security Advisory
Problem On December 08 2020, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities? per our End of Engineering EOE and End of Life EOL policies. The...
Juniper Junos OS Multiple Vulnerabilities (JSA69715)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA69715 advisory. - The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have us...
CVE-2022-1971
The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-1971
The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-1971
CVE-2022-1971 concerns the NextCellent Gallery WordPress plugin (
Security Bulletin: IBM InfoSphere Master Data Management Server vulnerability in OpenSSL
Summary The vulnerability in CVE-2020-1971 have been addressed in the latest interim Fix iFix available on Fix Central for all 3 affected versions. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the...
Siemens SINEC INS
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...
AlmaLinux 8 : openssl (ALSA-2020:5476)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5476 advisory. - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...
Mageia: Security Advisory (MGASA-2020-0465)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2022-1971 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to insecure privilege management in the Windows DWM core library of the Microsoft Windows operating system. It allows an attacker to elevate their privileges...
Security Bulletin: This Power System update is being released to address CVE 2020-1971
Summary POWER9: In response to a security issue with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2020-1971. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of...