Oracle Solaris Critical Patch Update : jul2021_SRU11_3_36_26_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption OpenSSL. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable...

CVE-2021-2351

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option...

Oracle Releases July 2021 Critical Patch Update

Oracle has released its Critical Patch Update for July 2021 to address 342 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle July 2021 Critica...

PT-2021-3944 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 15.2 and earlier Description: The issue is caused by a buffer overflow when parsing a specially crafted file, potentially allowing a remote attacker to execute arbitrary code. An unauthenticated attacker could...

Oracle Critical Patch Update Advisory - July 2021

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

Debian DLA-2709-1 : firefox-esr - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2709 advisory. - Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted...

Design/Logic Flaw

An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.x before 9.0.0 Patch 16. The value of the X-Host header overwrites the value of the Host header in proxied requests. The value of X-Host header is not checked against...

PT-2021-3528

Name of the Vulnerable Software and Affected Versions Microsoft Windows Print Spooler affected versions not specified Description The Windows Print Spooler service contains a flaw in how it handles file operations, potentially allowing a remote attacker to execute arbitrary code with SYSTEM...

Unbreakable Enterprise kernel-container security update

5.4.17-2102.202.5 - sctp: delay autoasconf init until binding the first addr Xin Long Orabug: 32907967 CVE-2021-23133 - dm ioctl: fix out of bounds array access when no devices Mikulas Patocka Orabug: 32860491 CVE-2021-31916 - uek-rpm: update kABI lists for the new symbols Saeed Mirzamohammadi...

Exploit for CVE-2021-2173

CVE-2021-2173 CVE-2021-2173 PoC is explained here: ht...

Security update for polkit (important)

openSUSE Security Update: Security update for polkit Announcement ID: openSUSE-SU-2021:0838-1 Rating: important References: 1186497 Cross-References: CVE-2021-3560 CVSS scores: CVE-2021-3560 SUSE: 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 An update tha...

Security Bulletin: A vulnerability in the IBM® SDK, Java™ Technology Edition affects IBM Tivoli Network Manager CVE-2020-14782.

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle October 2020 Critical Patch Update, but deferred until the release associated with the IBM February 2021 Critical Patch...

PT-2024-11157 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.0-rc1+ Description: A divide-by-zero error can be triggered in the Linux kernel by a user-supplied value, specifically the user entry size, which is used as a denominator to calculate the number of entries...

Security update for monitoring-plugins-smart (important)

openSUSE Security Update: Security update for monitoring-plugins-smart Announcement ID: openSUSE-SU-2021:0706-1 Rating: important References: 1183057 Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 An update that contains security fixes can now be...

Oracle Coherence (Apr 2021 CPU)

The version of the Oracle Coherence installed on the remote host is missing a critical patch update. It is, therefore, affected by a vulnerability, as referenced in the April 2021 CPU advisory. - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Core...

Oracle Releases April 2021 Critical Patch Update

Oracle has released its Critical Patch Update for April 2021 to address 384 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle April 2021...

KLA12160 Multiple vulnerabilities in Oracle VirtualBox

Multiple vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. A security bypass vulnerability in Core component can...

Oracle Critical Patch Update Advisory - April 2021

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

SUSE: Security Advisory (SUSE-SU-2017:0346-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:0490-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...