CVE-2021-442255
CVE-2021-442255 is referenced in a Huawei EulerOS keepalived advisory (EulerOS-SA-2022-2565) affecting EulerOS Virtualization 3.0.6.0, where the keepalived component relies on IPVS for Layer4 load balancing. The connected OpenVAS/Nessus entries confirm the vulnerability association and assign a C...
CVE-2020-1867
Technical details for CVE-2020-1867 are not publicly available in the provided documents. The connected sources do not specify affected products, versions, or impact. Monitor for updates as more information is released.
CVE-2021-9983
CVE-2021-9983 is a vulnerability in WebKitGTK/WebKit2GTK (used by openSUSE/SUSE) that corresponds to an out-of-bounds write affecting webkit2gtk3. The connected advisories attribute the issue to a memory safety flaw in webkit2gtk3, with multiple vendors referencing CVE-2021-9983 among other CVEs....
CVE-2099-1234
Technical details for CVE-2099-1234 are not publicly available in the provided documents. Monitor for updates; no affected products, vectors, or remediation information can be stated at this time.
CVE-2021-9951
This CVE (CVE-2021-9951) is addressed in openSUSE/SUSE security updates for webkit2gtk3. Affected component: WebKitGTK’s webkit2gtk3, updated to version 2.30.3. Root cause: a use-after-free in the relevant code path. Impact: could allow arbitrary code execution on vulnerable hosts. Remediation: a...
CVE-2021-9948
CVE-2021-9948 is addressed in openSUSE/SUSE advisories for webkit2gtk3. The vulnerability is described as a type confusion in WebKitGTK that could lead to arbitrary code execution. Remediation is to upgrade webkit2gtk3 to version 2.30.3 (as part of openSUSE/SLE updates in 2020-2021 cycles), with ...
CVE-2010-11100
Connected documents show a Fedora security advisory and a Fedora package update for haproxy (haproxy-2.1.4-1.fc32). This indicates a remediation for haproxy in Fedora 32; however, the provided materials do not include explicit CVE identifiers, affected subcomponents, exact root cause, impact metr...
CVE-2018-100022
Technical details for CVE-2018-100022 are not provided in the supplied documents; no affected products, versions, impact, or remediation are stated. Monitor for updates.
CVE-2021-13584
CVE-2021-13584 is addressed in openSUSE/SUSE security advisories for webkit2gtk3. The updates fix use-after-free vulnerabilities that could allow arbitrary code execution (CVE-2021-13543, CVE-2021-13584) and related issues (CVE-2021-9948, CVE-2021-9951, CVE-2021-9983) by upgrading webkit2gtk3 to ...
CVE-2021-23829
Technical details for CVE-2021-23829 are not provided in the supplied documents. The connected OpenSSL advisory covers CVE-2021-23839/23840/23841 affecting AIX; monitor for updates regarding CVE-2021-23829.
CVE-2016-79267926
tcpdump on IBM AIX is affected by CVE-2016-7926 (Ethernet parser). The advisory states a buffer overflow due to improper bounds checking in Ethernet parser (print-ether.c:ethertype_print()) that could allow remote code execution or a crash. Affected AIX versions/filesets include bos.net.tcp.serve...
CVE-2019-27690
CVE-2019-27690 is reported as part of ALAS-2019-1268 for Amazon Linux 2, affecting Java SE/Java SE Embedded components with the Networking subcomponent. Affected are Java SE: 7u221, 8u212, 11.0.3, 12.0.1 and Java SE Embedded: 8u211. The vulnerability allows an unauthenticated attacker with networ...
CVE-2011-1631
Cisco IOS Software contains a denial-of-service vulnerability (CVE-2011-1631) affecting devices that use Gambino DSP components. An unauthenticated, remote attacker can exploit malformed RTP packet processing by sending crafted network packets, potentially causing device components to become unre...
CVE-2019-20970
OpenDMARC vulnerability CVE-2019-20970 (OpenDMARC before 1.4.1.1) enables remote attackers to spoof SPF/DMARC/DKIM authentication results due to parsing/interpretation issues, allowing authentication bypass. The Arch Linux advisory confirms the issue and lists the fixed version 1.4.1.1.
CVE-2018-1002161
CVE-2018-1002161 corresponds to a SQL injection flaw in Koji’s hub XMLRPC handlers. Multiple advisories (Mageia MGASA-2019-0144, OSV) describe that an unauthenticated attacker can issue arbitrary SQL commands to Koji’s database due to flaws in Koji’s hub code. Mitigation across reports is to upgr...
CVE-2014-1709
CVE-2014-1709 is an IPC message injection vulnerability in Google Chrome (Chrome 34 era) that could allow bypass of sandbox restrictions. It was among the security fixes highlighted in the Chrome 34 Stable Channel Update, with multiple fixes and external credits (including geohot). The connected ...
CVE-2020-3324
CVE-2020-3324 maps to a Cisco StarOS IPv6 DoS in the ASR 5000 Series. The issue arises from insufficient validation of incoming IPv6 traffic, allowing an unauthenticated, remote attacker to cause a DoS (reload) on affected devices. Cisco’s advisory confirms IPv6-specific impact and absence of IPv...
CVE-2019-18918
The connected document describes a potential vulnerability in the HP Connection Optimizer driver that could allow escalation of privilege. It identifies the affected platforms/SoftPaqs and targets but does not provide concrete technical details such as exact affected versions, root cause, or expl...
CVE-2020-6916
HP’s advisory HPSBHF03671 rev.1 describes a potential vulnerability in the HP LT4120 Snapdragon X5 LTE Driver Installer before version 1.0.1.80, which may allow escalation of privilege and arbitrary code execution. The document lists affected platforms/SoftPaqs and states HP has identified target...
CVE-2020-6927
CVE-2020-6927 is a local privilege escalation in HP Device Manager 5.0.0–5.0.3, caused by a bundled PostgreSQL database with a default, weakly protected dm_postgres account (password: single space). This allows a local attacker to connect to the database, run SQL queries, and achieve SYSTEM-level...