ALPINE-CVE-2020-25648

A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This fla...

DEBIAN-CVE-2020-25648

A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This fla...

UBUNTU-CVE-2020-25648

A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This fla...

CVE-2020-1689

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not occur when the device is deployed in Stand Alone...

CVE-2020-1668

On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. This issue occurs when multicast packets are received by the layer 2 interface. To check if the device has high CPU load...

Design/Logic Flaw

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in Ethernet VPN EVPN-Virtual Extensible LAN VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffi...

Design/Logic Flaw

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not occur when the device is deployed in Stand Alone...

CVE-2020-1689 Junos OS: EX4300-MP/EX4600/QFX5K Series: High CPU load due to receipt of specific layer 2 frames when deployed in a Virtual Chassis configuration

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not occur when the device is deployed in Stand Alone...

CVE-2020-1687 Junos OS: EX4300-MP/EX4600/QFX5K Series: High CPU load due to receipt of specific layer 2 frames in EVPN-VXLAN deployment.

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in Ethernet VPN EVPN-Virtual Extensible LAN VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffi...

DEBIAN-CVE-2020-15157

In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer otherwise known as a “foreign...

CVE-2020-15157

In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer otherwise known as a “foreign...

The vulnerability of the SDL_FillRect function in the Simple DirectMedia Layer library allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SDLFillRect function in the video/SDLsurface.c library in the Simple DirectMedia Layer library is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the Blit1to4 function in the Simple DirectMedia Layer library allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Blit1to4 function in the Simple DirectMediaLayer library is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the InitMS_ADPCM function in the Simple DirectMedia Layer library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the InitMSADPCM function in the Simple DirectMediaLayer library is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the IMA_ADPCM_nibble function in the Simple DirectMediaLayer library allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the IMAADPCMnibble function in the Simple DirectMediaLayer library is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

UBUNTU-CVE-2020-15157

In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer otherwise known as a “foreign...

UBUNTU-CVE-2020-9746

Adobe Flash Player version 32.0.0.433 and earlier are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default...

CVE-2019-2194

In SurfaceFlinger::createLayer of SurfaceFlinger.cpp, there is a possible arbitrary code execution due to improper casting. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

USN-4576-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Jay Shin...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4576-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4576-1 advisory. Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free...