EulerOS 2.0 SP10 : dhcp (EulerOS-SA-2022-2842)

According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported...

Zhuhai Suny Technology ESL Tag Forgery / Replay Attacks

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Replay attacks & Displaying arbitrary contents product: Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol electronic shelf labels vulnerable version: All fixed version:...

Capsule Console 安全漏洞

Capsule Console is a web interface for Capsule8 from Capsule USA, Inc. for event management, sensor configuration, and system analysis. A security vulnerability exists in versions of Capsule prior to 0.1.3, which stems from the fact that an attacker can detach namespaces from tenants that are...

Electronic Shelf Label 安全漏洞

Electronic Shelf Tags Electronic Shelf Label is a digital label management software from Electronic Shelf Tags, Inc. A security vulnerability exists in the Electronic Shelf Label protocol that stems from its lack of authentication, which allows an attacker to change the value of a label via a 433...

CVE-2022-41685

Multiple Cross-Site Request Forgery CSRF vulnerabilities in Viszt Péter's Integration for Szamlazz.hu & WooCommerce plugin = 5.6.3.2 and Csomagpontok és szállítási címkék WooCommerce-hez plugin = 1.9.0.2 on WordPress...

Cross site scripting

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed attackers to perfo...

PT-2022-21432 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 15.3.5 GitLab CE/EE version 15.4 prior to 15.4.4 GitLab CE/EE version 15.5 prior to 15.5.2 Description: A cross-site scripting issue has been discovered in GitLab CE/EE. It was possible to exploit a vulnerabilit...

CVE-2022-3265

Removed by vendor...

PT-2022-6667 · Cisco · Cisco Secure Workload

Name of the Vulnerable Software and Affected Versions: Cisco Secure Workload affected versions not specified Description: A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should...

TikTok’s Security Threat Comes Into Focus

Plus: A Microsoft cloud leak exposed potential customers, new IoT security labels come to the US, and details emerge about Trump’s document stash...

How Microsoft Purview and Priva help simplify data protection

At Microsoft Security, we understand how challenging it is to protect your most important asset, your data, in today’s threat landscape. You’re faced with evolving challenges—from empowering employees for greater productivity to eliminating gaps in your infrastructure—all while trying to protect...

UBUNTU-CVE-2022-2865

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.1.6, 15.2 to 15.2.4 and 15.3 prior to 15.3.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed attackers to perform...

EulerOS Virtualization 3.0.6.6 : libvirt (EulerOS-SA-2022-2515)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploite...

CVE-2022-2929

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...

ALPINE-CVE-2022-2929

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...

Design/Logic Flaw

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...

CVE-2022-2929 DHCP memory leak

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...

CVE-2022-2929

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...

CVE-2022-2929

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...

UBUNTU-CVE-2022-2929

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...