2052 matches found
openldap bug fix and enhancement update
An update is available for openldap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LD...
Amazon Linux 2 : httpd (ALAS-2021-1672)
The version of httpd installed on the remote host is prior to 2.4.46-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1672 advisory. A null pointer dereference was found in the way httpd handled a specially crafted HTTP/2 request. A remote attacker could use this fl...
Zero Takeoff Customer Relationship Management System suffers from SQL Injection Vulnerability
Zero take-off customer relationship management system 07FLY-CRM, based on the GPLv3 agreement issued for small and medium-sized management activities, currently provides customer relationship management (CRM), sales and marketing (JXC), open source software free of charge, to create China's first...
CVE-2021-34394
CVE-2021-34394 affects NVIDIA Trusty (NVIDIA OTE protocol) used in Jetson devices. The issue is an incorrect message stream deserialization in the OTE protocol that can allow a local attacker to trigger a buffer overflow, potentially leading to information disclosure and data modification. NVIDIA...
CVE-2021-34394
Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification...
CVE-2021-34389
Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure...
HTTP/3 and QUIC: Past, Present, and Future
You may have seen the announcements over the past two weeks -- the IETF QUIC RFCs have been published! That leads to a lot of questions, depending on how closely you've followed this space. You might be wondering what this means to you, or you might think QUIC has been an established thing for...
Fedora: Security Advisory for mod_http2 (FEDORA-2021-051639aad4)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Problems with non-standard compliant ERC20 tokens
Handle: cmichel. Vulnerability details: Some tokens like USDT don't correctly implement the EIP20 standard and their transfer/transferFrom functions return void instead of a success boolean. Calling these functions with the correct EIP20 function signatures will always revert...
Important: Red Hat Security Advisory: dhcp security update
An update for dhcp is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: dhcp security update
An update for dhcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
Apple macOS SMB server directory query arbitrary file access
Summary: An arbitrary file access vulnerability exists in the SMB Server Apple macOS 11.2. A specially crafted SMB request can leak metadata of arbitrary files. This vulnerability can be triggered by sending a malicious packet to the vulnerable server. Tested Versions: Apple macOS 11.2. Product URLs...
Duplication of Balance
Handle: 0xsomeone. Vulnerability details. Impact: It is possible to duplicate currently held ink or art within a Cauldron, thereby breaking the contract's accounting system minting units out of thin air. Proof of Concept: The stir function of the Cauldron, which can be invoked via a Ladle operation,...
CVE-2021-25641
CVE-2021-25641 affects Apache Dubbo servers prior to 2.7.8 and 2.6.9. The vulnerability arises when a provider’s byte preamble flags are tampered with, allowing an attacker to override the server’s chosen serialization protocol and trigger a weak deserializer (e.g., Kryo or FST) in scope. This en...
ReDoS in Sec-Websocket-Protocol header
Impact: A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. Proof of concept (js): for (const length of [1000, 2000, 4000, 8000, 16000, 32000]) { const value = 'b' + ' '.repeat(length) + 'x'; const start = process.hrtime.bigint(); value.trim().split(/...
X.Org X11 library: Denial of service
Background: X.Org is an implementation of the X Window System. The X.Org X11 library provides the X11 protocol library files. Description: It was discovered that XLookupColor and other X.Org X11 library functions lacked proper validation of the length of their string parameters. Impact: An attacker...
Conviction scoring fails to initialize and bootstrap
Handle: 0xRajeev. Vulnerability details. Impact: Conviction scores for new addresses/users fail to initialize+bootstrap in ERC20ConvictionScore’s updateConvictionScore because a new user’s numCheckpoints will be zero and never gets initialized. This effectively means that FairSide conviction scoring...
Recommended update for grub2 (moderate)
openSUSE Security Update: Recommended update for grub2 Announcement ID: openSUSE-SU-2021:0790-1 Rating: moderate References: 1185580 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for grub2 fixes the following issues: -...
libX11 Insufficient Length Check / Injection
Hello list, A missing length check in libX11 causes data from LookupColor requests to mess up the client-server communication protocol and inject malicious X server requests. The flaw is comparable to SQLi injecting commands into database connections granting an attacker access to all features of th...
Cisco IOS XE Software DECnet Phase IV/OSI DoS (cisco-sa-iosxe-decnet-dos-cuPWDkyL)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability in the DECnet Phase IV and DECnet/OSI protocol processing. This vulnerability allows an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabili...