Ubuntu: Security Advisory (USN-144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : olcne / istio / istio / kubernetes (ELSA-2021-9546)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9546 advisory. - Update Kubernetes version to 1.20.11 to address CVE-2021-25741 - Update Istio to 1.9.8, 1.10.4 to address CVE-2021-32777, CVE-2021-32778,...

CVE-2021-32781

CVE-2021-32781 affects Envoy, a open-source L7 proxy. The vulnerability arises during processing after a locally generated response, where an internal buffer overflow can prevent stopping request/response processing, potentially allowing access to freed memory. Affected Envoy versions include 1.1...

NCR SelfServ ATM dispenser software contains multiple vulnerabilities

Overview NCR SelfServ automated teller machines ATMs running APTRA XFS 05.01.00 or older are vulnerable to physical attacks on the communications bus between the currency dispenser component and the host computer. Description NCR SelfServ ATMs running APTRA XFS 05.01.00 or older contain...

Accellion File Transfer Appliance MPIPE2 - Command Execution (Metasploit)

$Id: accellionftampipe2.rb 11935 2011-03-11 17:37:23Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

USN-144-1: dbus vulnerability

Besides providing the global system-wide communication bus, dbus also offers per-user "session" buses which applications in an user's session can create and use to communicate with each other. Daniel Reed discovered that the default configuration of the session dbus allowed a local user to connec...