CVE-2021-28543

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...

Null pointer dereference

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...

CVE-2021-28543

Technical details about CVE-2021-28543 are not publicly provided in the supplied documents; no affected versions or fixes are confirmed here. Monitor for updates from vendors and security advisories.

CVE-2021-28543

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...

CVE-2021-28543

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...

Martin Blix Grydeland varnish-modules 代码问题漏洞

Martin Blix Grydeland varnish-modules is an open source application by Martin Blix Grydeland. It is used to describe HTTP request/response policies with additional functionality. A security vulnerability exists in varnish-modules that could allow a remote attacker to cause a denial of service...

USN-4804-1 puppet vulnerabilities

It was discovered that Puppet installed modules with world writable permissions. An attacker could use this vulnerability to execute arbitrary code or cause a denial of service. CVE-2017-10689 It was discovered that Puppet could be used to force YAML deserialization in an unsafe manner. A remote...

DLLHSC - DLL Hijack SCanner A Tool To Assist With The Discovery Of Suitable Candidates For DLL Hijacking

DLL Hijack SCanner - A tool to generate leads and automate the discovery of candidates for DLL Search Order Hijacking Contents of this repository This repository hosts the Visual Studio project file for the tool DLLHSC, the project file for the API hooking functionality detour, the project file f...

SYS.2.3.A14

Peripheriegeraete SOLLTEN nur nutzbar sein, wenn sie auf einer zentral verwalteten Whitelist gefuehrt sind. Kernelmodule fuer Peripheriegeraete SOLLTEN nur geladen und aktiviert werden, wenn das Geraet auf der Whitelist steht. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might...

Metasploit Wrap-Up

Archive directory traversals, now with your daily allowance of JSP In a year already full of hot vulnerabilities, CVE-2021-21972 in VMware's vCenter Server may already seem like old news. It's not, though! Thanks to wvu-r7 for grabbing this unauthenticated file upload combined with archive...

Updated glib2.0 packages fix security vulnerabilities

Fix various instances within GLib where gmemdup was vulnerable to a silent integer truncation and heap overflow problem discovered by Kevin Backhouse, work by Philip Withnall 2319 Fix some issues with handling over-long invalid input when parsing for GDate !1824 Don't load GIO modules or parse...

M-System Giken Co M-System DL8 安全漏洞

M-System Giken Co The M-System DL8 is an Ethernet adapter from Japan M-System Giken Co. Provides types designed to connect DL8 and R8 series modules. A security vulnerability exists in the M-System Giken Co M-System DL8, which can be exploited by an unauthorized attacker to perform an operation...

NewStart CGSL MAIN 4.06 : sudo Multiple Vulnerabilities (NS-SA-2021-0001)

The remote NewStart CGSL host, running version MAIN 4.06, has sudo packages installed that are affected by multiple vulnerabilities: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a...

grub2: Use-after-free in rmmod command

A flaw was found in grub2. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The...

SUSE SLES15 Security Update : rpmlint (SUSE-SU-2021:0658-1)

This update for rpmlint fixes the following issues : Whitelist PAM modules and DBUS rules for cockpit bsc1169614 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as...

[SECURITY] Fedora 32 Update: ansible-2.9.18-1.fc32

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 33 Update: ansible-2.9.18-1.fc33

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

SUSE-SU-2021:0658-1 Security update for rpmlint

This update for rpmlint fixes the following issues: - Whitelist PAM modules and DBUS rules for cockpit bsc1169614...

SUSE SLED15 / SLES15 Security Update : rpmlint (SUSE-SU-2021:0597-1)

This update for rpmlint fixes the following issues : Whitelist PAM modules and DBUS rules for cockpit bsc1169614 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as...

UBUNTU-CVE-2020-35662

In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated...