Lucene search
K

36 matches found

OpenVAS
OpenVAS
added 2023/05/01 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-6049-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.18891EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2023/04/28 4:2 p.m.72 views

USN-6049-1: Netty vulnerabilities

It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. CVE-2020-11612 It wa...

7.5CVSS6.5AI score0.18891EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/01 3:2 p.m.39 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Netty.io

Summary IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Netty.io. Vulnerability Details CVEID: CVE-2020-11612 DESCRIPTION: Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a ZlibEncoded byte stream in the...

7.5CVSS8.2AI score0.09438EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 12:30 p.m.49 views

Security Bulletin: IBM Security Guardium Insights is affected by Components with known vulnerabilities

Summary IBM Security Guardium Insights has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a...

9.1CVSS0.6AI score0.13474EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/04/23 12:0 a.m.39 views

Oracle NoSQL Database Multiple Vulnerabilities (Apr 2021 CPU)

The version of Oracle NoSQL Database Enterprise running on the remote host is prior to 20.3.17. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - Vulnerability in Oracle NoSQL Database component: Administration Node.js. The supported version th...

9.8CVSS6.6AI score0.77385EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2021/04/22 12:0 a.m.124 views

Oracle WebCenter Portal Multiple Vulnerabilities (Apr 2021 CPU)

The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the January 2021 Critical Patch Update CPU. It is, therefore, affected by the following vulnerabilities: - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware componen...

7.5CVSS6.3AI score0.16157EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/04/21 1:15 p.m.240 views

Moderate: Red Hat Security Advisory: Satellite 6.9 Release

An update is now available for Red Hat Satellite 6.9 for RHEL 7. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: foreman:...

9.8CVSS7AI score0.45732EPSS
Exploits9References326
Tenable Nessus
Tenable Nessus
added 2021/04/06 12:0 a.m.239 views

Debian DSA-4885-1 : netty - security update

Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

9.1CVSS6.4AI score0.18891EPSS
Exploits4References10
RedHat Linux
RedHat Linux
added 2020/12/16 12:11 p.m.179 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

9.8CVSS8AI score0.95586EPSS
Exploits12References39
OpenVAS
OpenVAS
added 2020/10/28 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-4600-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.6AI score0.13474EPSS
Exploits4References2
OSV
OSV
added 2020/10/27 1:40 p.m.5 views

USN-4600-2 netty vulnerabilities

USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it was discovered that Netty allow for unbounded memory allocation. A remote attacker could send a large stream to the Netty server causing it to...

9.1CVSS6.9AI score0.13474EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/10/27 12:0 a.m.49 views

Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4600-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4600-2 advisory. USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it...

9.1CVSS7.1AI score0.13474EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2020/10/16 5:3 p.m.83 views

Memory exhaustion in http4s-async-http-client with large or malicious compressed responses

Impact A server we connect to with http4s-async-http-client could theoretically respond with a large or malicious compressed stream and exhaust memory in the client JVM. It does not affect http4s servers, other client backends, or clients that speak only to trusted servers. This is related to a...

7.5CVSS1.2AI score0.09438EPSS
Exploits0References2Affected Software2
RedHat Linux
RedHat Linux
added 2020/10/14 11:16 a.m.99 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 1.7.5 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

8.8CVSS6.9AI score0.09438EPSS
Exploits0References9
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/30 5:41 p.m.38 views

Security Bulletin: A vulnerability in Netty affects IBM Netcool Agile Service Manager

Summary A vulnerability in Netty used by IBM Netcool Agile Service Manager. IBM Netcool Agile Service Manager has addressed the CVE. Vulnerability Details CVEID: CVE-2020-11612 DESCRIPTION: Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a...

7.5CVSS1.5AI score0.09438EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/27 6:10 p.m.28 views

Security Bulletin: IBM Cloud Private is vulnerable to a Netty vulnerability (CVE-2020-11612)

Summary IBM Cloud Private is vulnerable to a Netty vulnerability Vulnerability Details CVEID: CVE-2020-11612 DESCRIPTION: Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a ZlibEncoded byte stream in the ZlibDecoders. By sending a large ZlibEncoded...

7.5CVSS0.6AI score0.09438EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/09/17 1:7 p.m.94 views

Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.7 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.3AI score0.26587EPSS
Exploits5References27
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.47 views

Debian DLA-2364-1 : netty security update

Several vulnerabilities have been discovered in netty, a Java NIO client/server socket framework. CVE-2019-20444 HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interprete...

9.1CVSS6.9AI score0.13474EPSS
Exploits4References7
OpenVAS
OpenVAS
added 2020/09/05 12:0 a.m.33 views

Debian: Security Advisory (DLA-2364-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.6AI score0.13474EPSS
Exploits3References4
Debian
Debian
added 2020/09/04 6:39 p.m.66 views

[SECURITY] [DLA 2364-1] netty security update

Debian LTS Advisory DLA-2364-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez September 04, 2020 https://wiki.debian.org/LTS Package : netty Version : 1:4.1.7-2+deb9u2 CVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 CVE-2020-11612 Debian Bug : 950966 9509...

9.1CVSS6.9AI score0.13474EPSS
Exploits4
Rows per page
Query Builder