10043 matches found
UBUNTU-CVE-2021-29495
Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented...
jetty: Resource exhaustion when receiving an invalid large TLS frame
When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing high CPU resource utilization. The highest threat from this vulnerability is to service availability...
CVE-2021-1521
A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. This vulnerability is due to missing checks when processing Cisco Discovery Protocol...
Design/Logic Flaw
A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. This vulnerability is due to missing checks when processing Cisco Discovery Protocol...
CVE-2021-1521
The CVE-2021-1521 entry affects Cisco Video Surveillance 8000 Series IP Cameras. A flaw in the Cisco Discovery Protocol message processing allows an unauthenticated, adjacent attacker to trigger a reload of the camera, causing a DoS. Root cause: missing checks in processing Cisco Discovery Protoc...
OESA-2021-1179 openvswitch security update
Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. Security Fixes: A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet...
OESA-2021-1170 curl security update
cURL is a computer software project providing a library (libcurl) and a command-line tool (curl) for transferring data using various protocols. Security Fixes: curl 7.63.0 up to and including 7.75.0 includes a vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS...
Command Execution Vulnerability in Netcom's Next-Generation Firewalls
Netcom Next Generation Firewall (NGFW) is a firewall that can comprehensively deal with application layer threats. A command execution vulnerability exists in the NGFW. An attacker can exploit this vulnerability to gain server privileges...
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Denial of Service Vulnerability
A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. This vulnerability is due to missing checks when processing Cisco Discovery Protocol...
A vulnerability in the implementation of the TLS and SSL protocols in Cisco Firepower Threat Defense’s microprogrammable network interfaces allows attackers to trigger a device reboot or cause a service failure.
The vulnerability in the TLS and SSL protocols implemented by Cisco Firepower Threat Defense’s microprogramming-based network interface controllers is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to...
Exim Resource Management Error Vulnerability
Exim was developed at Cambridge University as a Message Transfer Agent (MTA) for Unix systems connected to the Internet. A use-after-free vulnerability in smtpreset in Exim when providing TLS encryption over OpenSSL can be exploited by an attacker to achieve remote code execution...
PT-2021-4057 · Prosody +2
Name of the Vulnerable Software and Affected Versions: Prosody versions prior to 0.11.9 Description: The issue is related to incorrect handling of SSL/TLS renegotiation requests, which can lead to uncontrolled CPU consumption. This can be exploited by a remote attacker to cause a denial of servic...
DEBIAN-CVE-2021-21233
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Failed to publish image with platform layer if offload Compositing feature is enabled.
When the offload Compositing feature is enabled, you may fail to publish an image that contains a platform layer. The ELM log shows the following error: "An unexpected error occurred; export the log files and notify Technical Support that this error occurred."...
Cisco Firepower Threat Defense Input Validation Error Vulnerability
Cisco Firepower Threat Defense (FTD) is unified software that provides next-generation firewall services. A denial-of-service vulnerability exists in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense, which can be exploited by an attacker to cause a process crash by sendi...
nss: TLS 1.3 CCS flood remote DoS Attack
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability...
Windows does not recognize the VMXNET3 on App layer after upgraded to Windows 10 20H2.
After upgrading to Windows 10 20H2 on the OS layer and then adding a new version to the App layer or platform layer, the Windows virtual machine does not recognize the VMXNET3 virtual adapter. In the Windows Device Manager, you see a message similar to the following on the packing machine: This device cannot start. Code 10 Operation...
AZL-45213 CVE-2021-31597 affecting package js-jquery 3.5.0-4
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized when the property exists but is undefined is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected...
Datagram Transport Layer Security (DTLS) Protocol Detection
Detection of services supporting the Datagram Transport Layer Security (DTLS) protocol. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...