DEBIAN-CVE-2021-3326

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

Input validation

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

UBUNTU-CVE-2021-3326

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2019-19126 DESCRIPTION: GNU C Library could allow a local attacker to bypass security restrictions, caused by failing to ignore...

CVE-2021-3326

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

GNU C Library 安全漏洞

The GNU C Library glibc is an open-source, free, easy-to-download C compiler released under the LGPL license. A denial of service vulnerability exists in GNU C Library version 2.32 and earlier. The vulnerability stems from the iconv function in the GNU C Library failing to assert and aborting a...

CVE-2021-3326

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

CVE-2021-3326

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils1: ar, objcopy, strip, and ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can trick these utilities...

QEMU Out-of-Bounds Read Access Vulnerability

QEMU is a set of simulation processors written by Fabrice Bellard and distributed with source code under the GPL license, widely used on the GNU/Linux platform. An out-of-bounds read access vulnerability exists in ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0. The vulnerability stems from a...

glibc: Multiple vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

Fedora: Security Advisory for python3.8 (FEDORA-2021-cc3ff94cfc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Zmap - A Fast Single Packet Network Scanner Designed For Internet-wide Network Surveys

ZMap is a fast single packet network scanner designed for Internet-wide network surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap is capable scanning the entire public IPv4 address space in under 45 minutes. With a 10gigE connection and PFRING, ZMap can scan the IPv4...

Selea Targa IP OCR-ANPR Camera Server-Side Request Forgery

Selea Targa IP OCR-ANPR Camera Unauthenticated SSRF Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214 BLD201106163745 BLD2003041709...

Selea Targa IP OCR-ANPR Camera - CSRF Add Admin

Exploit Title: Selea Targa IP OCR-ANPR Camera - CSRF Add Admin Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa...

Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure (Unauthenticated)

Exploit Title: Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Unauthenticated Directory Traversal File Disclosure Vendor: Selea s.r.l. Product we...

Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)

Exploit Title: Oracle WebLogic Server 14.1.1.0 - RCE Authenticated Date: 2021-01-21 Exploit Author: Photubias Vendor Advisory: 1 https://www.oracle.com/security-alerts/cpujan2021.html Vendor Homepage: https://www.oracle.com Version: WebLogic 10.3.6.0, 12.1.3.0, 12.2.1.3, 12.2.1.4, 14.1.1.0 fixed ...

Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution (Unauthenticated)

Exploit Title: Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com !/bin/bash Selea Targa IP OCR-ANPR Camera Unauthenticated Remote Code Execution Vendor: Selea s.r.l. Product web page:...

Selea Targa 512 IP OCR-ANPR Camera - Stream Disclosure (Unauthenticated)

Exploit Title: Selea Targa IP OCR-ANPR Camera - RTP/RTSP/M-JPEG Stream Disclosure Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Unauthenticated RTP/RTSP/M-JPEG Stream Disclosure Vendor: Selea s.r.l. Product web...

Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated)

Exploit Title: Selea Targa IP OCR-ANPR Camera - Multiple SSRF Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Unauthenticated SSRF Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model...