SUSE: Security Advisory (SUSE-SU-2021:3854-1)
The remote host is missing an update for the...
CLSA-2021-1637583639 Fix of CVE: CVE-2021-3326, CVE-2021-43396
CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code...
Security Bulletin: Vulnerability in bind (CVE-2021-25215) affects Power HMC
Summary: BIND is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVE. Vulnerability Details: CVEID: CVE-2021-25215. DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries for DNAME records. By sending a query...
The vulnerability of the SAML (Security Assertion Markup Language) implementation of the IBM Data Risk Manager application, which allows attackers to bypass security mechanisms for identifying, analyzing, and visualizing business risks.
The vulnerability of the SAML (Security Assertion Markup Language) implementation of the IBM Data Risk Manager application, which is used for identifying, analyzing, and visualizing business risks, is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow...
Oracle Linux 8 : bind (ELSA-2021-4384)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4384 advisory. 32:9.11.26-6 - Use random entropy to generate unique TKEY identifiers (1980916); 32:9.11.26-5 - Fix possible assertion failure (isc_refcount_current == 0) in free_rbtdb...
bind security and bug fix update
32:9.11.26-6 - Use random entropy to generate unique TKEY identifiers (1980916); 32:9.11.26-5 - Fix possible assertion failure (isc_refcount_current == 0) in free_rbtdb (1953056)...
NetworkManager security, bug fix, and enhancement update
1.32.10-4.0.1 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity- subpackage for 8.3 1:1.32.10-4 - revert unapproved patches part of 'cloud-setup' change rh 1977984 1:1.32.10-3 - preserve the IPv6 multicast route added by kernel ...
ISC BIND DoS Vulnerability (CVE-2011-1907)
ISC BIND is prone to a denial of service (DoS) vulnerability.
Debian DLA-2818-1 : ffmpeg - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2818 advisory. - FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service. (CVE-2020-20445) - FFmpeg...
Palo Alto Networks PAN-OS Buffer Error Vulnerability
A memory corruption vulnerability exists in Palo Alto Networks PAN-OS, an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A problem with the software memory handling leads to a memory corruption vulnerability, which allows an authenticated attacker to execute...
lasso: XML signature wrapping vulnerability when parsing SAML responses
An XML Signature Wrapping (XSW) vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to include an unsigned SAML assertion, which may be used to impersonate another valid user recognized by the service using Lasso. The highest threat from this vulnerability...
bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
Incremental zone transfers (IXFR) provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...
kernel: ALSA: ymfpci: Fix BUG_ON in probe function
An assertion failure was found in the Linux kernel's Yamaha YMF sound card driver during buffer validation. The probe function includes a BUG_ON assertion that compares DMA buffer sizes without accounting for alignment, causing the assertion to fail when the aligned buffer size doesn't exactly mat...
HP Inkjet printers Security Vulnerability
HP Inkjet printers are a series of inkjet printers from Hewlett-Packard (HP) in the United States. A security vulnerability exists in HP Inkjet printers: a maliciously crafted print file may cause certain HP Inkjet printers to assert. In some cases, the printers generate a core dump to t...
CLSA-2021-1636389447 Fixed CVEs in glibc: CVE-2021-43396, CVE-2021-3326
CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code...
CLSA-2021-1636389414 Fix CVE(s): CVE-2021-3326, CVE-2021-43396
SECURITY UPDATE: assertion failure in ISO-2022-JP-3 module - debian/patches/any/CVE-2021-3326.patch: enqueue a second wide character which cannot be written immediately in the state variable. - CVE-2021-3326 SECURITY UPDATE: emission of a spurious '\0' character on state reset -...
VulnCheck KEV: CVE-2020-4427
IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication...
Micro Focus Access Manager Information Leakage Vulnerability
Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used...
kernel security, bug fix, and enhancement update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kernel packages contain the Linux kernel, the core of any Linux operating...
PT-2021-7256 · Cisco · Cisco Identity Services Engine
Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine (ISE), affected versions not specified. Description: A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access a...