resource-agents bug fix and enhancement update

An update is available for resource-agents. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The resource-agents packages provide the Pacemaker and RGManager...

Cisco Small Business RV Series Routers Link Layer Discovery Protocol Multiple Vulnerabilities (cisco-sa-rv-multi-lldp-u7e4chCe)

According to its self-reported version, Cisco Small Business RV Series Routers Link Layer Discovery Protocol is affected by multiple vulnerabilities. - Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business RV Series Routers. An...

bit-docs-generate-html (>=0.0.1 <=0.7.1), bit-docs-generate-searchmap (>=0.0.1-0 <=0.2.0-pre.3) +5 more potentially affected by CVE-2021-23429 via transpile (>=0.9.7 <=2.4.0-pre.0)

transpile NPM version =0.9.7, =0.0.1, =0.0.1-0, =0.5.0, =5.0.0, =0.16.6, =1.4.0-pre.1 Source cves: CVE-2021-23429 Source advisory: OSV:GHSA-7XRJ-F5RP-J55H...

Cisco NX-OS Software Denial of Service Vulnerability (CNVD-2021-68721)

Cisco NX-OS Software is a set of data center-class operating system software for switches from Cisco, U.S. A denial-of-service vulnerability exists in the VXLAN OAM feature of Cisco NX-OS Software, which can be exploited by attackers by sending specially crafted packets to cause high device CPU...

Cisco NX-OS Software Denial of Service Vulnerability (CNVD-2021-68727)

Cisco NX-OS Software is a set of data center-class operating system software for switches from Cisco, U.S. A denial-of-service vulnerability exists in the implementation of the system login block-for command in Cisco NX-OS Software, which could be exploited by an attacker to log into a process by...

CVE-2021-1590

A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service DoS condition. This vulnerability is due to a logic error in the...

Cisco NX-OS Software 输入验证错误漏洞

Cisco NX-OS Software is a set of data center-class operating system software for switches from Cisco, U.S. A denial-of-service vulnerability exists in the VXLAN OAM feature of Cisco NX-OS Software, which can be exploited by attackers by sending specially crafted packets to cause high device CPU...

Cisco Firepower Threat Defense Software Web Services File Upload DoS (cisco-sa-asaftd-fileup-dos-zvC7wtys)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in the web services interface that allows an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected...

Cisco Firepower Threat Defense Software Inline Pair/Passive Mode DoS (cisco-sa-ftd-inline-dos-nXqUyEqM)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in the ingress packet processing path for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of...

Cisco Adaptive Security Appliance Software Release 7.0.0 IPsec DoS (cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC)

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVE-2021-1422

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVE-2021-1422

CVE-2021-1422 affects Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0. The issue is a logic error in the software cryptography module that handles certain decryption errors over an established IPsec connection, causing an abnormal device reload and a DoS. The vulnerability’...

Cisco 7000 Series IP Camera Memory Leak Vulnerability

The Cisco 7000 Series IP cameras are 5 megapixel, high definition, outdoor fixed dome cameras in vandal resistant enclosures with pan/tilt/zoom functionality.The Cisco 7000 Series IP camera implementation of Link Layer Discovery Protocol LLDP in firmware versions prior to 2.12.4 is vulnerable to ...

Broadcom MediaxChange Vulnerability Affecting Cisco Products: July 2021

A vulnerability in the TrustZone implementation in certain Broadcom MediaxChange firmware was reported by security researchers. To exploit this vulnerability on the affected Cisco products, the attacker would need to dismount the backplate of the device and trigger a specific series of impulses o...

NSClient++ 0.5.2.35 Remote Code Execution Exploit

This Metasploit module allows an attacker with knowledge of the admin password of NSClient++ to start a privileged shell. For this module to work, both web interface of NSClient++ and ExternalScripts feature should be enabled. This module requires Metasploit: https://metasploit.com/download Curre...

NSClient++ 0.5.2.35 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NSClient++ 0.5.2.35 - ExternalScripts Authenticated Remote Code Execution', 'Description' = %q This module allows an attacker with knowledge of t...

NSClient++ 0.5.2.35 - ExternalScripts Authenticated Remote Code Execution

This module allows an attacker with knowledge of the admin password of NSClient++ to start a privilege shell. For this module to work, both web interface of NSClient++ and ExternalScripts feature should be enabled. Module Options msf use exploit/windows/http/nscpauthenticatedrce msf...

SUSE: Security Advisory (SUSE-SU-2014:0541-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : opera (openSUSE-2021-829)

This update for opera fixes the following issues : Update to version 76.0.4017.154 - CHR-8420 Update chromium on desktop-stable-90-4017 to 90.0.4430.212 - DNA-92411 Bookmarks breadcrumbs wrong color when pressed in dark mode - DNA-92587 Sync settings: Use old password button doesnt work - DNA-926...

openSUSE Security Update : opera (openSUSE-2021-828)

This update for opera fixes the following issues : Update to version 76.0.4017.154 - CHR-8420 Update chromium on desktop-stable-90-4017 to 90.0.4430.212 - DNA-92411 Bookmarks breadcrumbs wrong color when pressed in dark mode - DNA-92587 Sync settings: Use old password button doesnt work - DNA-926...