Google Android安全漏洞

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android that originates from a reachability assertion when processing peer-associated WLAN messages from hosts and non-standard incoming packets. The...

DEBIAN-CVE-2021-33054

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication method. Only versions after 2.0.5a are affected...

UBUNTU-CVE-2021-33054

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication method. Only versions after 2.0.5a are affected...

glibc security update

2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1933)

According to the version of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a...

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2021:1826-1)

This update for bind fixes the following issues : CVE-2021-25214: Fixed a broken inbound incremental zone update IXFR which could have caused named to terminate unexpectedly bsc1185345. CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that...

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1954)

According to the version of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a...

Lasso SAML Implementation Vulnerability Affecting Cisco Products: June 2021

On June 1, 2021, Lasso disclosed a security vulnerability in the Lasso Security Assertion Markup Language SAML Single Sign-On SSO library. This vulnerability could allow an authenticated attacker to impersonate another authorized user when interacting with an application. For a description of thi...

CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...

DEBIAN-CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...

CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...

CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...

DEBIAN-CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

UBUNTU-CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

UPX Assertion Abort Vulnerability

UPX is an open source executable file packaging program that supports a variety of file formats from different operating systems. An assertion abort vulnerability exists in MemBuffer::alloc in mem.cpp in UPX version 4.0.0. An attacker can exploit this vulnerability via a specially crafted file to...

Oracle Linux 8 : bind (ELSA-2021-1989)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1989 advisory. 32:9.11.26-4 - Possible assertion failure on DNAME processing CVE-2021-25215 Tenable has extracted the preceding description block directly from the Oracle Linu...

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...