CVE-2105-2342

VMware vCenter/ESXi advisory coverage CVE-2015-2342 and CVE-2015-5177 describing two issues: (1) a double-free in OpenSLP's SLPDProcessMessage() on ESXi that may allow unauthenticated remote code execution; (2) a vulnerable vCenter Server JMX RMI service that can permit remote code execution. The...

CVE-2021-44823

Technical details for CVE-2021-44823 are not publicly available in the provided documents. Monitor for updates as information may be released later.

CVE-2929-2773

Summary: IBM DataQuant for z/OS version 2.1 is affected by CVE-2020-2773 (referenced in the IBM bulletin as CVE-2929-2773 in this entry). The vulnerability is described as an unspecified issue in the Java SE Security component that could allow an unauthenticated attacker to cause a denial of serv...

CVE-2022-16126

Technical details for CVE-2022-16126 are not publicly available in the provided documents. No affected products, impact, or remediation are specified. Monitor for updates from official sources.

MGASA-2022-0379 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...

CVE-2022-41983

On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT QuickAssist Technology and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even...

CVE-2021-41624

CVE-2021-41624 is associated with a memory-leak DoS in F5 BIG-IP. The CNNVD entry describes F5 BIG-IP as an application delivery platform and notes a memory leak vulnerability that triggers denial of service. The provided documents do not specify affected versions, vulnerable components, exploit ...

[VPN Plugin] Transfer Login keeps Loading with Non-English language setting

In Citrix Gateway VPN environment, you may observe the following issue when "Transfer Login": After clicking "Transfer" on Client VPN plugin, the button keepsspinning loading and stuck. Logs investigation show the following clues: Problem can only be observed in Non-English language setting Plugi...

AZL-33628 CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.17-2

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

AZL-35041 CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.15-1

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

HTML5 app launch doesn't work via Netscaler after upgrading the CVAD setup

Upgrade Xendesktop from 7.15 Cu8 to 1912 CU5 or above Could connect externally through ADC Netscaler using HTML5 when on 7.15 but not with the latest codes Connecting to the machines using HTML5 via direct storefront works fine App launch via workspace app works fine though ADC as well Only while...

AlwaysOn VPN session is not re-established after sleep mode

When windows clients come out of Sleep mode and sometimes on boot, the Gateway VPN client is not connecting to the Gateway. This can usually be resolved by disabling/enabling the WiFi connection or rebooting the client machine. The Setup has "Always On " VPN mode and Machine-tunnel...

CVE-2022-41647

WordPress Optinly plugin (versions

Code injection

There is a Unauthorized service in the system service, may cause the system reboot. Since the component does not have permission check and permission protection, resulting in EoP problem.Product: AndroidVersions: Android SoCAndroid ID: A-242248367...

CVE-2022-41295

CVE-2022-41295 affects IBM Robotic Process Automation products. IBM Robotic Process Automation Client may be vulnerable to sensitive data being stored in temporary managed memory, enabling exposure of data in memory during operation. Affected products/versions: IBM Robotic Process Automation for ...

CVE-2022-41293

Summary: IBM Robotic Process Automation (RPA) is vulnerable to insufficient protection of credentials created in the control center (CVE-2022-41293). The vulnerability affects IBM RPA for Cloud Pak (< 21.0.3), IBM RPA as a Service (< 21.0.3), and IBM RPA (

CVE-2020-35282

The connected IBM advisories confirm CVE-2020-35282 affects IBM WebSphere Application Server (WAS) when shipped with IBM Operations Analytics Predictive Insights. Affected: WAS 8.0, 8.5, 9.0 as part of Predictive Insights; vulnerability type: Server-Side Request Forgery (and related spoofing/remo...

CVE-2022-20435

CVE-2022-20435 is an Android vulnerability described as an unauthorized service in the system service that, due to missing permission checks, can lead to local elevation of privilege and potentially a system reboot. Connected OSV entries (ASB-A-242248367 and ASB-A-242248369) corroborate an unauth...

CVE-2022-20435

There is a Unauthorized service in the system service, may cause the system reboot. Since the component does not have permission check and permission protection, resulting in EoP problem.Product: AndroidVersions: Android SoCAndroid ID: A-242248367...

Design/Logic Flaw

A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor ROMMON Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot...