604 matches found
[SECURITY] Fedora 32 Update: community-mysql-8.0.24-1.fc32
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
CVE-2021-23002
When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of th...
[SECURITY] Fedora 34 Update: openssh-8.5p1-2.fc34
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
[SECURITY] Fedora 34 Update: python-aiohttp-3.7.4-1.fc34
Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webserve rs with middlewares and pluggable routing...
Design/Logic Flaw
SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions. ConnectSecure on Windows is affected...
Owncloud Cross-Site Request Forgery Vulnerability
Owncloud ownCloud is a set of personal cloud storage solutions from the American company ownCloud Owncloud. A cross-site request forgery vulnerability exists in OwnCloud Core, which stems from a WEB application that does not adequately validate whether a request is coming from a trusted user, and...
CVE-2021-22977
On BIG-IP version 16.0.0-16.0.1 and 14.1.2.4-14.1.3, cooperation between malicious HTTP client code and a malicious server may cause TMM to restart and generate a core file. Note: Software versions which have reached End of Software Development EoSD are not evaluated...
Puppet Security Vulnerabilities
Puppet is a set of configuration management tools based on a client/server C/S architecture from Puppet Labs in the United States, which can be used to manage profiles, users, cron tasks, packages, system services, etc.Puppet Agent is a Puppet agent end-program. Puppet Agent has a security...
CVE-2020-26759
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...
OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
DEBIAN-CVE-2020-14782
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
UBUNTU-CVE-2020-14781
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Information leakage vulnerability in Zijinqiao monitoring configuration software
Zijinqiao monitoring and configuration software is a professional Zijinqiao monitoring and configuration software, which adopts C/S architecture and has database processing technology and graphic system. There is an information disclosure vulnerability in Zijinqiao Monitoring and Configuration...
How DNS(Domain Name System) works with GSLB feature on NetScaler
The Domain Name SystemDNS system is considered as a distributed database which uses the Client/Server architecture. Name Servers are the servers in the architecture, and the resolvers are the clients that are typically library routines installed on an operating system that create and send queries...
UBUNTU-CVE-2020-14355
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...
[SECURITY] Fedora 33 Update: community-mysql-8.0.21-11.fc33
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
CVE-2020-26149
NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno before 1.0.0-9 allow credential disclosure from a client to a server...
freerdp: out-of-bounds read in cliprdr_read_format_list function
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdrreadformatlist. Clipboard format data read by client or server might read data out-of-bounds. This has been fixed in 2.1.0...