CVE-2021-34713 Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability

A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames...

Fedora: Security Advisory for lynx (FEDORA-2021-f59bda7d94)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability

A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames...

Authentication flaw

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

Ubuntu 20.04 LTS : Linux kernel (KVM) vulnerabilities (USN-5000-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5000-2 advisory. USN-5000-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and the Linux HWE kernel for Ubuntu 18.04 LTS. This update provides the...

Compro Camera 安全漏洞

Compro Technology Camera is a video camera from Compro Technology China. A security vulnerability exists in Compro Camera that stems from mjpegStreamer.cgi that allows access to video screenshots. The following products and versions are affected: Compro IP70 2.087130218, IP570 2.087130520, IP60 a...

GHSA-R6G8-JMJ9-G945 Improper Restriction of Rendered UI Layers or Frames in yourls

yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames...

DEBIAN-CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

ALPINE-CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

UBUNTU-CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVE-2021-3734

yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames...

Input validation

yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames...

CVE-2021-3734 Improper Restriction of Rendered UI Layers or Frames in yourls/yourls

yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames...

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVE-2021-32780

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions Envoy transitions a H/2 connection to the CLOSED state when it receives a GOAWAY frame without any streams outstanding. The connection state is transitioned to...

CVE-2021-32780

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions Envoy transitions a H/2 connection to the CLOSED state when it receives a GOAWAY frame without any streams outstanding. The connection state is transitioned to...

CVE-2019-9515

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

dotnet: ASP.NET Core WebSocket frame processing DoS

An infinite loop error was found in ASP.NET when processing WebSocket frames. The exploitation of this issue can cause high CPU resource consumption. The highest threat from this vulnerability is to system availability...

dotnet: ASP.NET Core WebSocket frame processing DoS

An infinite loop error was found in ASP.NET when processing WebSocket frames. The exploitation of this issue can cause high CPU resource consumption. The highest threat from this vulnerability is to system availability...