CVE-2020-14348

A flaw was found in AMQ Online before 1.5.2, where injecting an invalid field to a user's address space configuration of the user namespace puts AMQ Online in an inconsistent state. In this inconsistent state, the AMQ Online components do not operate properly. For example, the failure of...

EulerOS 2.0 SP8 : bind (EulerOS-SA-2020-1795)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can,...

NewStart CGSL MAIN 6.01 : bind Multiple Vulnerabilities (NS-SA-2020-0031)

The remote NewStart CGSL host, running version MAIN 6.01, has bind packages installed that are affected by multiple vulnerabilities: - With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining...

The vulnerability of the JBoss platform, related to inconsistent interpretation of http requests, allows attackers to compromise the integrity of data.

The vulnerability of the JBoss platform is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability can allow a remote attacker to compromise data integrity...

BIND -- Remote Denial of Service vulnerability

ISC reports: The asterisk character "" is allowed in DNS zone files, where it is most commonly present as a wildcard at a terminal node of the Domain Name System graph. However, the RFCs do not require and BIND does not enforce that an asterisk character be present only at a terminal node. A...

EulerOS 2.0 SP2 : bind (EulerOS-SA-2020-1676)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can,...

Important: bind

Issue Overview: A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to proces...

CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

ALPINE-CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

DEBIAN-CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

Design/Logic Flaw

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

UBUNTU-CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

Privilege Escalation

kernel is vulnerable to privilege escalation. The vulnerability exists as the absence of a protection mechanism when attempting to access a critical section of code, as well as a race condition, have been found in the Linux kernel file system event notifier, dnotify. This could allow a local...

Microsoft NET USE win10 - Insufficient Authentication Logic

Title: Microsoft NET USE win10 - Insufficient Authentication Logic Date: 2020-04-04 Author: hyp3rlinx Vendor: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

Product update: Virtuozzo 7.0 Update 13 (7.0.13-298)

The Update 13 for Virtuozzo 7.0 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1062.12.1.vz7.131.10. Vulnerability id: PSBM-95072 'pstorage-target' files are left over after successful migrations of VMs on Virtuozzo Storage from...

CVE-2019-18936

UniValue::read in UniValue before 1.0.5 allow attackers to cause a denial of service the class internal data reaches an inconsistent state via input data that triggers an error...

CVE-2019-20490

cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsistently SEC-499...

CVE-2020-10111

Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic for performance optimization...