5102 matches found

OSV
added 2021/06/17 7:52 a.m. | 6 views

SUSE-SU-2021:1990-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.1: + Improve handling of Media Capture devices. + Improve WebAudio playback. + Improve video orientation handling. + Improve seeking support for MSE playback. + Improve flush support in EME decryptors. + Fix HTTP...

9.8 CVSS | 7 AI score | 0.14542 EPSS
Exploits 3 | References 24
GitHub Security Blog
added 2021/06/16 5:28 p.m. | 57 views

CSRF vulnerability in Jenkins Xray - Test Management for Jira Plugin allows capturing credentials

Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not require POST requests for a connection test method, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified...

7.1 CVSS | 6.5 AI score | 0.00642 EPSS
Exploits 0 | References 3 | Affected Software 1
NVD
added 2021/06/16 12:15 a.m. | 20 views

CVE-2021-32623

Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a seemingly permanent denial of service attack, essentially taking down Opencast usin...

8.1 CVSS | 0.01254 EPSS
Exploits 1 | References 2
Prion
added 2021/06/16 12:15 a.m. | 16 views

Double free

Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a seemingly permanent denial of service attack, essentially taking down Opencast usin...

4 CVSS | 6.5 AI score | 0.01254 EPSS
Exploits 1 | References 2 | Affected Software 1
NVD
added 2021/06/15 10:15 p.m. | 8 views

CVE-2021-28858

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. An attacker on the local network can monitor traffic and capture the cookie and other sensitive information...

5.5 CVSS | 0.00259 EPSS
Exploits 1 | References 1
Cvelist
added 2021/06/15 9:51 p.m. | 12 views

CVE-2021-28858

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. An attacker on the local network can monitor traffic and capture the cookie and other sensitive information...

5.8 AI score | 0.00259 EPSS
Exploits 1 | References 1
Veracode
added 2021/06/15 5:59 p.m. | 25 views

Denial Of Service (DoS)

Wireshark is vulnerable to denial of service. An infinite loop in the DVB-S2-BB dissector allows an attacker to crash the application via packet injection or a malicious capture file...

7.5 CVSS | 3.6 AI score | 0.01789 EPSS
Exploits 0 | References 8 | Affected Software 1
CNNVD
added 2021/06/15 12:0 a.m. | 4 views

TP-Link TL-WPA4220 information disclosure vulnerability

The TP-Link TL-WPA4220 is a home wireless WiFi bridge from China's TP-Link that extends wireless signals. The device can transmit data at high speed over the line to extend the network to areas that are currently not covered. The TP-Link TL-WPA4220 suffers from an information disclosure...

5.5 CVSS | 5.7 AI score | 0.00259 EPSS
Exploits 1 | References 1
CNNVD
added 2021/06/15 12:0 a.m. | 7 views

Opencast security vulnerability

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast versions prior to 9.6, which can be exploited by attackers to conduct denial-of-service attacks...

8.1 CVSS | 5.6 AI score | 0.01254 EPSS
Exploits 1 | References 3
NVD
added 2021/06/10 3:15 p.m. | 14 views

CVE-2021-21664

An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored i...

6.5 CVSS | 0.00991 EPSS
Exploits 0 | References 2
CVE
added 2021/06/10 2:25 p.m. | 91 views

CVE-2021-21664

CVE-2021-21664 affects the Jenkins XebiaLabs XL Deploy Plugin up to version 10.0.1, where an incorrect permission check allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified credentials IDs, enabling access to username/password credential...

6.5 CVSS | 6.3 AI score | 0.00991 EPSS
Exploits 0 | References 2 | Affected Software 1
OpenVAS
added 2021/06/09 12:0 a.m. | 24 views

SUSE: Security Advisory (SUSE-SU-2018:1988-1)

The remote host is missing an update for the...

7.5 CVSS | 7.7 AI score | 0.03509 EPSS
Exploits 0 | References 2
CNVD
added 2021/06/08 12:0 a.m. | 31 views

Wireshark infinite loop vulnerability (CNVD-2022-11207)

Wireshark is a network packet analyzer that captures network packets and displays the most detailed packet information possible. Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. An infinite loop vulnerability...

7.5 CVSS | 7.4 AI score | 0.01789 EPSS
Exploits 0 | References 1
Malwarebytes
added 2021/06/07 2:36 p.m. | 41 views

Can two VPN “wrongs” make a right? Lock and Code S02E10

This week on Lock and Code, we're presenting you something a little different. We're telling you a story—with no guest interview included—that involves the use of VPNs. In 2016, a mid-20s man began an intense, prolonged harassment campaign against his new roommate. He emailed her from spoofed email...

6.8 AI score
Exploits 0
UbuntuCve
added 2021/06/07 1:15 p.m. | 19 views

CVE-2021-22222

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file...

7.5 CVSS | 7.1 AI score | 0.01789 EPSS
Exploits 0 | References 4
OSV
added 2021/06/07 1:15 p.m. | 1 views

UBUNTU-CVE-2021-22222

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file...

7.5 CVSS | 7.1 AI score | 0.01789 EPSS
Exploits 0 | References 5
Prion
added 2021/06/07 1:15 p.m. | 19 views

Design/Logic Flaw

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file...

5 CVSS | 7.4 AI score | 0.01789 EPSS
Exploits 0 | References 6 | Affected Software 5
Cvelist
added 2021/06/07 12:1 p.m. | 31 views

CVE-2021-22222

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file...

7.5 CVSS | 7.8 AI score | 0.01789 EPSS
Exploits 0 | References 6
AlpineLinux
added 2021/06/07 12:1 p.m. | 45 views

CVE-2021-22222

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file...

7.5 CVSS | 7.6 AI score | 0.01789 EPSS
Exploits 0
CVE
added 2021/06/07 12:1 p.m. | 567 views

CVE-2021-22222

Wireshark is affected by CVE-2021-22222 due to an infinite loop in the DVB-S2-BB dissector, impacting 3.4.0 through 3.4.5 and enabling a denial-of-service via crafted captures or packet injection. The issue originates in the DVB-S2-BB parser; exploiting it causes the Wireshark process to hang, co...

7.5 CVSS | 7.4 AI score | 0.01789 EPSS
Exploits 0 | References 6 | Affected Software 1