EulerOS 2.0 SP9 : bind (EulerOS-SA-2021-2262)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported...

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-2277)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2251)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2277)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-2251)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to...

EulerOS 2.0 SP9 : unbound (EulerOS-SA-2021-2259)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack against a cleartext...

EulerOS 2.0 SP9 : unbound (EulerOS-SA-2021-2285)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack against a cleartext...

VulnCheck KEV: CVE-2021-22506

Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used...

CVE-2021-22920

A vulnerability has been discovered in Citrix ADC formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway, and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a...

CVE-2021-22927

A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session...

MikroTik RouterOS Assertion Failure Vulnerability

MikroTik RouterOS is a Linux-based router operating system developed by MikroTik Latvia.An assertion failure vulnerability exists in MikroTik RouterOS, which stems from an authentication error in the product's /ram/pckg/security/nova/bin/ipsec process. An attacker could exploit this vulnerability...

lasso: XML signature wrapping vulnerability when parsing SAML responses

An XML Signature Wrapping XSW vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to include an unsigned SAML assertion, which may be used to impersonate another valid user recognized by the service using Lasso. The highest threat from this vulnerability...

AIX 7.2 TL 4 : bind (IJ33278)

https://vulners.com/cve/CVE-2021-25215 https://vulners.com/cve/CVE-2021-25215 ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries for DNAME records. By sending a query for DNAME records, an attacker could exploit this vulnerability to trigger a...

DEBIAN-CVE-2021-1093

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of...

CVE-2020-20262

Mikrotik RouterOs before 6.47 stable tree suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...

CVE-2020-20262

Mikrotik RouterOs before 6.47 stable tree suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...

Spoofing

Mikrotik RouterOs before 6.47 stable tree suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...

CVE-2020-20262

Mikrotik RouterOs before 6.47 stable tree suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...

CVE-2020-20262

The entries identify CVE-2020-20262 affecting MikroTik RouterOS before version 6.47 (stable). The vulnerability is an assertion failure in the /ram/pckg/security/nova/bin/ipsec process, exploitable by an authenticated remote attacker sending a crafted packet to cause a Denial of Service. Connecte...

MikroTik RouterOS 代码问题漏洞

MikroTik RouterOS is a Linux-based router operating system developed by MikroTik Latvia.An assertion failure vulnerability exists in MikroTik RouterOS, which stems from an authentication error in the product's /ram/pckg/security/nova/bin/ipsec process. An attacker could exploit this vulnerability...