559 matches found
CVE-2021-33593
Whale browser for iOS is affected (versions before 1.14.0) by an inconsistent user interface that allows an attacker to obfuscate the address bar, which may lead to address bar spoofing. The Red Hat and NVD entries corroborate the vulnerability description across multiple feeds. The available doc...
NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2021-0137)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, throu...
Moderate: nss and nspr security, bug fix, and enhancement update
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgrad...
GHSA-RXR4-X558-X7HW Double free in smallvec
If an iterator passed to SmallVec::insert_many panicked in Iterator::next, destructors were run during unwinding while the vector was in an inconsistent state, possibly causing a double free (a destructor running on two copies of the same value). This is fixed in smallvec 0.6.3 by ensuring that the...
CVE-2021-30948
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access stored passwords without authentication...
Authentication flaw
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access stored passwords without authentication...
The vulnerability of Eclipse Jetty servlet containers, related to inconsistent interpretation of HTTP requests, allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of Eclipse Jetty servlet containers is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...
Information disclosure
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information...
Security Bulletin: CVE-2021-29711 Agent Upgrade through CLI requires inconsistent permission.
Summary: Security Bulletin: CVE-2021-29711 Agent Upgrade through CLI requires inconsistent permission set with UI. Vulnerability Details: CVEID: CVE-2021-29711. DESCRIPTION: IBM UrbanCode Deploy (UCD) could allow an authenticated user with certain permissions to initiate an agent upgrade through the C...
setYieldSource leads to temporary wrong results
Handle: gpersoon. Vulnerability details. Impact: The use of setYieldSource leaves the contract in a temporarily inconsistent state because it changes the underlying yield source, but doesn't yet transfer the underlying balances, while the shares stay the same. The function balanceOfToken will show the...
Unchecked transfers found in 3 contracts
Handle: maplesyrup. Vulnerability details. Impact: This is a high priority vulnerability because it definitely affects the way that funds are transferred and sent between the contracts. You want to make sure that you check the boolean value from these transfer functions in order to make sure that the...
CVE-2021-27610
SAP NetWeaver ABAP Server and ABAP Platform, versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, do not create information about internal and external RFC users in a consistent and distinguished format, which could lead to improper authentication and may be exploited by maliciou...
SUSE SLES11 Security Update : bind (SUSE-SU-2020:14400-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14400-1 advisory. - To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called...
SUSE: Security Advisory (SUSE-SU-2014:1510-1)
The remote host is missing an update for the...
What Really Caused Facebook's 500M-User Data Leak?
The company's explanations have been confusing and inconsistent, but there are finally some answers...
The vulnerability of the Node.js software platform allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Node.js software platform is related to the inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...
The vulnerability of the HTTP/2 mechanism implemented in the Apache HTTP Server allows attackers to cause service failures or lead to incorrect server configurations.
The vulnerability of the HTTP/2 web server implementation in the Apache HTTP Server is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability can allow a malicious actor to cause service failures or lead to incorrect server configuration...
Apache Tomcat Information Disclosure Vulnerability (CNVD-2021-11841)
Apache Tomcat is a lightweight Web application server from the Apache Foundation of the United States. The program implements Servlet and JavaServer Page (JSP) support. A security vulnerability exists in Apache Tomcat that stems from inconsistent behavior of the JRE API File.getCanonicalPath with...
CVE-2019-12953
Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599...