CVE-2021-20592

Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions...

CVE-2021-20592

CVE-2021-20592 affects Mitsubishi Electric GOT2000 family: GOT2000 GT27/GT25/GT23 MODBUS/TCP Slave drivers (versions 01.19.000–01.39.010) and GT SoftGOT2000 (versions 1.170C–1.256S). Root cause is missing synchronization in the MODBUS/TCP communication path, allowing a remote unauthenticated atta...

The vulnerability of the ARP Policer implementation on Juniper Networks’ Junos OS allows a perpetrator to circumvent traffic restrictions.

The vulnerability of the ARP Policer traffic filtering technology implemented in Juniper Networks’ Junos OS is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to circumvent traffic restrictions...

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are caused by synchronization errors when using a common resource. This allows an attacker to escape the isolated software environment.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are caused by synchronization errors when using a common resource. Exploiting these vulnerabilities can allow an attacker to escape from a isolated software environment...

389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. The highest threat from this vulnerability is t...

Security update for icinga2 (moderate)

openSUSE Security Update: Security update for icinga2 Announcement ID: openSUSE-SU-2021:1069-1 Rating: moderate References: 1180147 Cross-References: CVE-2020-29663 CVSS scores: CVE-2020-29663 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2020-29663 SUSE: 5.3...

The vulnerability of the FortiSandbox threat detection and mitigation system, related to synchronization errors when using a shared resource, allows a perpetrator to trigger a service failure.

The vulnerability of the FortiSandbox threat detection and mitigation system arises from synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to cause service interruptions...

Unspecified vulnerability in Nextcloud (CNVD-2021-51795)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.011, and 21.0.3, which can be exploited by an attacker to enumerate...

Nextcloud Cross-Site Scripting Vulnerability (CNVD-2021-51801)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud Text in versions prior to 19.0.13, 20.0.11 and 21.0.3. No detailed vulnerability details are availabl...

Unspecified vulnerability in Nextcloud (CNVD-2021-51803)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3 can be exploited by an attacker to enumerate potentially valid...

Nextcloud Information Disclosure Vulnerability (CNVD-2021-51797)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3, which could result in the full path of a...

The vulnerability of the ManageOne data center management system, caused by synchronization errors when using a shared resource, allows a hacker to trigger a service failure.

The vulnerability of the ManageOne data center management system arises from synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

OPENSUSE-SU-2021:1029-1 Security update for icinga2

This update for icinga2 fixes the following issues: icinga2 was updated to 2.12.4 Bugfixes - Fix a crash when notification objects are deleted using the API 8782 - Fix crashes that might occur during downtime scheduling if host or downtime objects are deleted using the API 8785 - Fix an issue whe...

Race condition

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

CVE-2020-29014

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

CVE-2020-29014

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2021-2151)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : ntp (EulerOS-SA-2021-2151)

According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a serv...

Zoho ManageEngine ADSelfService Plus Information Disclosure Vulnerability

Zoho ManageEngine ADSelfService Plus is a web-based self-service application that enables end-users to perform tasks such as password reset, account unlocking, profile information update, etc. without relying on the help desk. An information disclosure vulnerability exists in Zoho ManageEngine...

zoho manageengine adselfservice plus 安全漏洞

Zoho ManageEngine ADSelfService Plus is a web-based self-service application that enables end-users to perform tasks such as password reset, account unlocking, profile information update, etc. without relying on the help desk. An information disclosure vulnerability exists in Zoho ManageEngine...