NewStart CGSL CORE 5.05 / MAIN 5.05 : ipa Multiple Vulnerabilities (NS-SA-2021-0171)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ipa packages installed that are affected by multiple vulnerabilities: - jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causin...

ipa-world.org Cross Site Scripting vulnerability OBB-2153709

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

python-ldap bug fix and enhancement update

The python-ldap packages provide an object-oriented API for working with LDAP within Python programs. It allows access to LDAP directory servers by using the OpenLDAP 2.x libraries, and contains modules for other LDAP-related tasks including processing LDIF, LDAPURLs, LDAPv3 schema, etc.. Bug Fix...

CVE-2021-1974

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure an...

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

Design/Logic Flaw

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

Buffer overflow

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure an...

CVE-2021-1974

CVE-2021-1974 is described in connected sources as a buffer issue (buffer over-read) due to misalignment between IPA SMMU and WLAN SMMU mapping lengths in Snapdragon platforms (Auto/Compute/Connectivity/IoT/Wearables/Networking). Qualcomm/Red Hat/NVD entries label it as high severity with network...

CVE-2021-1974

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure an...

CVE-2021-1963

CVE-2021-1963 describes a use-after-free in the IPA driver of Qualcomm Snapdragon SoCs (across Snapdragon Auto/Compute/Connectivity/IoT/Wearables families) caused by insufficient validation of the rule count in the filter table. The issue affects kernel components and is documented with a CVSS v3...

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

389-ds:1.4 security and bug fix update

1.4.3.16-19 - Bump version to 1.4.3.16-19 - Resolve: Bug 1984091 - persistent search returns entries even when an error is returned by content-sync-plugin 1.4.3.16-18 - Bump version to 1.4.3.16-18 - Resolve: Bug 1983121 - CRYPT password hash with asterisk allows any bind attempt to succeed...

Ipa-Medit - Memory Search And Patch Tool For Resigned Ipa Without Jailbreak

Ipa-medit is a memory search and patch tool for resigned ipa without jailbreak. It was created for mobile game security testing. Motivation Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can be...

idm:DL1 bug fix update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: ipa: ipa-server-upgrade is failing while upgrading 8.3 to 8.4: Only attempt to upgrade ACME configuration fil...

ALBA-2021:2592 idm:DL1 bug fix update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: ipa: ipa-server-upgrade is failing while upgrading 8.3 to 8.4: Only attempt to upgrade ACME configuration fil...

DL1 bug fix update

An update is available for ipa, python-jwcrypto, custodia, bind-dyndb-ldap, python-qrcode, softhsm, slapi-nis, python-yubico, python-kdcproxy, opendnssec, ipa-healthcheck, pyusb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

ALBA-2021:2571 sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

sssd bug fix and enhancement update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

idm:DL1 and idm:client security, bug fix, and enhancement update

bind-dyndb-ldap 11.6-2 - Rebuild against bind 9.11.26 - Resolves: rhbz1904612 11.6-1 - New upstream release - Resolves: rhbz1891735 ipa 4.9.2-3.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.2-3 - ipa-client-install displays false message 'sudo binary does not seem to ...