2678 matches found
slapi-nis: NULL dereference (DoS) with specially crafted Binding DN
A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...
slapi-nis: NULL dereference (DoS) with specially crafted Binding DN
A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...
CVE-2021-3480
A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability. Mitigation Red Hat has investigated whether a...
slapi-nis: NULL dereference (DoS) with specially crafted Binding DN
A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...
PYSEC-2021-694
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal. This is because the...
CVE-2021-29568 Reference binding to null in `ParameterizedTruncatedNormal`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal. This is because the...
Fedora: Security Advisory for python-yara (FEDORA-2021-dd62918333)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PT-2021-8009 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free bug in the NFC subsystem of the Linux kernel, specifically in the llcp sock bind and llcp sock connect functions. This can be triggered when th...
bind security update
32:9.8.2-0.68.rc1.0.2.8 - Backport possible assertion failure on DNAME processing CVE-2021-25215...
Unspecified Vulnerability in HashiCorp Terraform
Hashicorp Terraform is an open source tool for provisioning and managing cloud infrastructure from HashiCorp Hashicorp, USA. A security vulnerability exists in HashiCorp Terraform versions prior to 2.19.1 that stems from a failure to properly configure the GCE type binding tag for Vault's GCP...
HashiCorp Terraform 安全漏洞
Hashicorp Terraform is an open source tool for provisioning and managing cloud infrastructure from HashiCorp Hashicorp, USA. A security vulnerability exists in HashiCorp Terraform versions prior to 2.19.1 that stems from a failure to properly configure the GCE type binding tag for Vault's GCP...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
Debian DSA-4880-1 : lxml - security update
Kevin Chung discovered that lxml, a Python binding for the libxml2 and libxslt libraries, did not properly sanitize its input. This would allow a malicious user to mount a cross-site scripting attack. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Debian: Security Advisory (DSA-4880-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
Debian DLA-2606-1 : lxml security update
An issue has been found in lxml, a pythonic binding for the libxml2 and libxslt libraries. Due to missing input sanitization, XSS is possible for the HTML5 formaction attribute. For Debian 9 stretch, this problem has been fixed in version 3.7.1-1+deb9u4. We recommend that you upgrade your lxml...
[SECURITY] [DLA 2606-1] lxml security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2606-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz March 24, 2021 https://wiki.debian.org/LTS -...
[SECURITY] Fedora 34 Update: gsoap-2.8.104-4.fc34
The gSOAP Web services development toolkit offers an XML to C/C++ language binding to ease the development of SOAP/XML Web services in C and C/C++...