OpenLDAP < 2.4.43 DoS Vulnerability

OpenLDAP is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2021-2628)

According to the versions of the exiv2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmnint.cpp which can result in an informati...

Debian DSA-4998-1 : ffmpeg - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4998 advisory. Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary...

Debian DLA-2799-1 : opencv - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2799 advisory. Several security vulnerabilities have been discovered in OpenCV, the Open Computer Vision Library. Buffer overflows, NULL pointer dereferences and out-of-bounds...

Updated ffmpeg packages fix security vulnerability

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service. CVE-2020-20446 FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service...

NewStart CGSL MAIN 6.02 : gnutls Vulnerability (NS-SA-2021-0133)

The remote NewStart CGSL host, running version MAIN 6.02, has gnutls packages installed that are affected by a vulnerability: - A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve...

F5 Networks BIG-IP : BIND vulnerability (K96223611)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.4 / 15.1.4 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K96223611 advisory. - In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-...

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2021-0153)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

OpenLDAP < 2.4.57 Multiple DoS Vulnerabilities

OpenLDAP is prone to multiple denial of service DoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

OpenLDAP DoS Vulnerability (Feb 2021)

OpenLDAP is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2602)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2021-2620)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : openldap (EulerOS-SA-2021-2602)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to...

EulerOS 2.0 SP3 : bind (EulerOS-SA-2021-2572)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported...

Denial Of Service (DoS)

FFmpeg is vulnerable to denial of service. The vulnerability exists due to an assertion failure at src/libavutil/mathematics.c...

CLSA-2021-1634922250 Fixed CVEs in bind: CVE-2021-25214, CVE-2021-25216, CVE-2021-25215

A broken inbound incremental zone update IXFR can cause named to terminate unexpectedly CVE-2021-25214 - An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself CVE-2021-25215 - A second vulnerability in BIND's GSSAPI security...

CVE-2021-3454

Truncated L2CAP K-frame causes assertion failure. Zephyr versions = 2.4.0, = v.2.50 contain Improper Handling of Length Parameter Inconsistency CWE-130, Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3...

CVE-2021-3454

Truncated L2CAP K-frame causes assertion failure. Zephyr versions = 2.4.0, = v.2.50 contain Improper Handling of Length Parameter Inconsistency CWE-130, Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3...

Design/Logic Flaw

Truncated L2CAP K-frame causes assertion failure. Zephyr versions = 2.4.0, = v.2.50 contain Improper Handling of Length Parameter Inconsistency CWE-130, Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3...

CVE-2021-3454 Truncated L2CAP K-frame causes assertion failure

Truncated L2CAP K-frame causes assertion failure. Zephyr versions = 2.4.0, = v.2.50 contain Improper Handling of Length Parameter Inconsistency CWE-130, Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3...