SUSE SLES12 Security Update : curl (SUSE-SU-2021:1763-1)

This update for curl fixes the following issues : CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. Allow partial chain verification jscSLE-17956 - Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2021:1762-1)

This update for curl fixes the following issues : CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. Allow partial chain verification jscSLE-17956 - Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

SUSE-SU-2021:1763-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

SUSE-SU-2021:1762-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

What Is Slowloris DDoS Attack❓ Mitigation methods

Slowloris is a DDoS attack software created by Robert “RSnake” Hansen. The software allows a single computer to take on a web server. The attack’s simple but elegant nature means it does not require much bandwidth to carry out its attack on the server of the target webserver with minimal or no si...

The vulnerability of the Task Automation component of the Oracle Hyperion Financial Management application allows a perpetrator to gain read access to data, modify data, cause partial service disruption, or obtain privileged access.

The vulnerability of the Task Automation component of the Oracle Hyperion Financial Management application exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain read access to data, modify data, cause partial service failure, or...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a perpetrator to gain read access to data, modify data, or cause partial service disruption.

The vulnerability of the Outside In Filters component within Oracle’s software development kit SDK “Outside In Technology” exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to gain read access to data, modify, add, or delete data, or cause a...

The vulnerability of the FMW Control Plugin sub-component of the Enterprise Manager for Fusion Middleware software platform allows a malicious individual to gain access to data, modify data, or cause a partial service disruption.

The vulnerability of the FMW Control Plugin component of the Enterprise Manager for Fusion Middleware software from Oracle exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read access to data, modify data, or cause a partial service...

CVE-2021-1530

A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service DoS condition on an affected system. This vulnerability is due to improper handlin...

OESA-2021-1156 libdb security update

Oracle Berkeley DB provides the best open source embeddable databases allowing developers the choice of SQL, Key/Value, XML/XQuery or Java Object storage for their data model. At its core is a fast, scalable, transactional database engine with proven reliability and availability. Berkeley DB come...

EulerOS 2.0 SP3 : java-1.7.0-openjdk (EulerOS-SA-2021-1805)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 1.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).

...

CVE-2021-2294

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIO...

CVE-2021-2240

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

CVE-2021-2219

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: SQR. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2021-2158

Vulnerability in the Hyperion Financial Management product of Oracle Hyperion component: Task Automation. The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Management...

CVE-2021-2158

Vulnerability in the Hyperion Financial Management product of Oracle Hyperion component: Task Automation. The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Management...

Code injection

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Health Center. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterpris...

UBUNTU-CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...