7025 matches found
CVE-2021-27212
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service daemon exit via a short timestamp. This is related to schemainit.c and checkTime...
CVE-2021-27212
CVE-2021-27212 affects OpenLDAP 2.4.57 and 2.5.x through 2.5.1alpha. An assertion failure in slapd’s issuerAndThisUpdateCheck triggered by a crafted packet with a short timestamp leads to a denial of service (daemon exit). Root cause references schema_init.c and checkTime. No remediation details ...
CVE-2021-27212
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service daemon exit via a short timestamp. This is related to schemainit.c and checkTime...
CVE-2021-27212
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service daemon exit via a short timestamp. This is related to schemainit.c and checkTime...
CVE-2021-3033
An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an attacker to bypass signature validation during SAML authentication by logging in to the Prisma Cloud Compute console as any authorized use...
Fedora 33 : privoxy (2021-6fe9346693)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-6fe9346693 advisory. - A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of...
QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c
An assertion failure flaw was found in QEMU in the network packet processing component. This issue affects the "e1000e" and "vmxnet3" network devices. This flaw allows a malicious guest user or process to abort the QEMU process on the host, resulting in a denial of service...
openSUSE Security Update : privoxy (openSUSE-2021-265)
This update for privoxy fixes the following issues : - Update to version 3.0.31 : - Security/Reliability boo1181650 - Prevent an assertion from getting triggered by a crafted CGI request. Commit 5bba5b89193fa. OVE-20210130-0001. CVE-2021-20217 Reported by: Joshua Rogers Opera - Fixed a memory lea...
RHEL 7 : qemu-kvm-rhev (RHSA-2021:0459)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0459 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...
USN-4724-1: OpenLDAP vulnerabilities
It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...
USN-4724-1 openldap vulnerabilities
It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...
[ASA-202102-21] privoxy: denial of service
Arch Linux Security Advisory ASA-202102-21 ========================================== Severity: Low Date : 2021-02-07 CVE-ID : CVE-2021-20216 CVE-2021-20217 Package : privoxy Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1524 Summary ======= The package privoxy...
[ASA-202102-17] glibc: denial of service
Arch Linux Security Advisory ASA-202102-17 ========================================== Severity: Low Date : 2021-02-07 CVE-ID : CVE-2019-25013 CVE-2020-27618 CVE-2020-29562 CVE-2021-3326 Package : glibc Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-1320 Summary...
UBUNTU-CVE-2021-20217
A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability...
EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1250)
According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resultin...
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2021-1195)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1275)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-1250)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1269)
According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resultin...
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier when processing invalid input sequences in the ISO-2022-JP-3 encoding fails an assertion in the code path and aborts the program potentially resulting in a denial of service.
...