The vulnerability of the Google Chrome browser’s URL component, related to security configuration errors, allows attackers to compromise data integrity.
The vulnerability of the Google Chrome browser’s URL component is related to insufficient data validation during formatting. Exploiting this vulnerability can allow an attacker to compromise the integrity of data...
The vulnerability of the FortiSandbox threat detection and mitigation system, related to synchronization errors when using a shared resource, allows a perpetrator to trigger a service failure.
The vulnerability of the FortiSandbox threat detection and mitigation system arises from synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to cause service interruptions...
PT-2021-6585 · Oracle +11 · Mysql Server +10
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.34 and prior MySQL Server versions 8.0.25 and prior Description: The issue is related to errors in resource release in the InnoDB component of MySQL Server, allowing an unauthenticated attacker with network access vi...
PT-2021-3773 · Cockpit +5 · Cockpit +5
Name of the Vulnerable Software and Affected Versions: Cockpit affected versions not specified Description: The issue is related to clickjacking attacks, where a malicious website can render a page from a Cockpit server inside an iframe HTML entry. This could be exploited by a malicious website t...
PT-2021-4737 · Microsoft · Windows Print Spooler +1
Name of the Vulnerable Software and Affected Versions: Windows Print Spooler affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Windows Print Spooler in Windows operating systems. This can allow a remote...
SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2021:2322-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2322-1 advisory. - In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact whe...
openSUSE: Security Advisory for sqlite3 (openSUSE-SU-2021:2320-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Google Chrome Resource Management Error Vulnerability
Google Chrome is a web browser from Google, Inc. Google Chrome 91.0.4472.164 was previously vulnerable to resource management errors that could be exploited by remote attackers to cause heap corruption via crafted HTML pages...
PT-2021-3738
Name of the Vulnerable Software and Affected Versions Kubernetes affected versions not specified Description A security issue exists in Kubernetes that could allow users to send network traffic to locations they would not normally have access to. This is due to a confused deputy attack. The issue...
SUSE: Security Advisory (SUSE-SU-2021:2320-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for ffmpeg (important)
openSUSE Security Update: Security update for ffmpeg Announcement ID: openSUSE-SU-2021:2322-1 Rating: important References: 1172640 1186406 1186583 1186586 1186587 1186596 1186597 1186598 1186600 1186603 1186604 1186605 1186613 1186614 1186615 1186616 1186658 1186660 1186757 1186758 1186762 11867...
CVE-2021-33711
A vulnerability has been identified in Teamcenter Active Workspace V4 All versions V4.3.9, Teamcenter Active Workspace V5.0 All versions V5.0.7, Teamcenter Active Workspace V5.1 All versions V5.1.4. The affected application allows verbose error messages which allow leaking of sensitive informatio...
The vulnerability of the ManageOne data center management system, caused by synchronization errors when using a shared resource, allows a hacker to trigger a service failure.
The vulnerability of the ManageOne data center management system arises from synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure...
PT-2021-6025 · Microsoft · Sharepoint Foundation +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is related to errors in...
PT-2021-5691 · Microsoft · Office Online Server
Name of the Vulnerable Software and Affected Versions: Microsoft Office Online Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Office Online Server. It may allow a remote attacker to conduct...
SUSE-SU-2021:2295-1 Security update for slurm_20_11
This update for slurm_20_11 fixes the following issues: Updated to 20.11.7 Summary of new features: CVE-2021-31215: Fixed a remote code execution as SlurmUser (bsc#1186024). slurmd - handle configless failures gracefully instead of hanging indefinitely. select/cons_tres - fix Dragonfly topology not...
SUSE-SU-2021:1785-2 Security update for postgresql13
This update for postgresql13 fixes the following issues: - Upgrade to version 13.3: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc#1185924). - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists (bsc#1185925). -...
Funds are sent twice on callTo errors
Handle cmichel Vulnerability details Vulnerability Details The fulfill transaction on the receiving chain tries to call the addFunds and execute actions on txData.callTo. When any of the calls reverts, the funds are sent to the txData.receivingAddress. The txData.callTo is user-controlled and an...
The vulnerability of the mysql-wsrep component of the MariaDB database lies in errors during the processing of input data during syntax analysis. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the mysql-wsrep component of the MariaDB database is related to errors in processing input data during syntax analysis of the code. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
CVE-2021-32526
Incorrect permission assignment for critical resource vulnerability in QSAN Storage Manager allows authenticated remote attackers to access arbitrary password files. Suggest contacting with QSAN and refer to recommendations in QSAN Document...