EulerOS Virtualization for ARM 64 3.0.2.0 : bind (EulerOS-SA-2021-2092)

According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported...

EulerOS Virtualization for ARM 64 3.0.2.0 : cairo (EulerOS-SA-2021-2095)

According to the versions of the cairo packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in cairo 1.16.0. There is an infinite loop in the function arcerrornormalized in the file...

EulerOS Virtualization for ARM 64 3.0.2.0 : openldap (EulerOS-SA-2021-2084)

According to the versions of the openldap packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the...

Amazon Linux 2 : unbound (ALAS-2021-1683)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1683 advisory. 2024-01-19: CVE-2019-25033 was added to this advisory. A flaw was found in unbound. An integer overflow in regionalalloc...

EulerOS Virtualization 3.0.6.6 : openldap (EulerOS-SA-2021-2029)

According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2029)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : openldap (EulerOS-SA-2021-2004)

According to the versions of the openldap packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the...

The vulnerability of FortiWeb web applications’ network firewalls arises from the failure to take measures to neutralize special elements used in the operating system’s command set. This vulnerability allows attackers to execute arbitrary commands.

The vulnerability of FortiWeb web applications’ network firewalls exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely, using the SAML serve...

EulerOS 2.0 SP8 : bind (EulerOS-SA-2021-1975)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported...

Denial Of Service (DoS)

openexr is vulnerable to denial of service. An out-of-bounds write in makeMultiView.cpp in exrmultiview leads to an assertion failure or possibly unspecified other impact...

OESA-2021-1244 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

MGASA-2021-0275 Updated bind packages fix a security vulnerability

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

Security Bulletin: BIND for IBM i is affected by CVE-2021-25214 and CVE-2021-25215

Summary BIND is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-25214 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a broken inbound incremental zone update IXFR. By sending a specially crafted IXFR, an attacker could exploit...

CVE-2021-29754

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor TAI. IBM X-Force ID: 202006...

CVE-2020-23319

There is an Assertion in 'flags CBCSTACKADJUSTSHIFT = CBCSTACKADJUSTBASE || CBCSTACKADJUSTBASE - flags CBCSTACKADJUSTSHIFT stackdepth' in parseremitcbcbackwardbranch in JerryScript 2.2.0...

CVE-2020-23320

There is an Assertion in 'contextp-nextscannerinfop-type == SCANNERTYPEFUNCTION' in parserparsefunctionarguments in JerryScript 2.2.0...

CVE-2020-23314

There is an Assertion 'blockfound' failed at js-parser-statm.c:2003 parserparsetrystatementend in JerryScript 2.2.0...

CVE-2020-23322

There is an Assertion in 'contextp-token.type == LEXERRIGHTBRACE || contextp-token.type == LEXERASSIGN || contextp-token.type == LEXERCOMMA' in parserparseobjectinitializer in JerryScript 2.2.0...

CVE-2020-23313

There is an Assertion 'scopestackp contextp-scopestackp' failed at js-scanner-util.c:2510 in scannerliteraliscreated in JerryScript 2.2.0...

CVE-2020-23314

There is an Assertion 'blockfound' failed at js-parser-statm.c:2003 parserparsetrystatementend in JerryScript 2.2.0...