NetBSD 安全特征问题漏洞

NetBSD is an open source Unix-like operating system from the NetBSD Foundation. NetBSD suffers from a security signature issue vulnerability that stems from an information leak in the TCP ISN ISS generation algorithm in NetBSD through 9.2...

PT-2021-24252 · Netbsd · Netbsd

Name of the Vulnerable Software and Affected Versions: NetBSD versions prior to 9.3 Description: The issue is related to an information leak in the TCP ISN ISS generation algorithm. This leak may potentially allow attackers to gather sensitive information. Recommendations: For versions prior to...

Buffer overflow

The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...

CVE-2021-44538

The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...

Haptyc - Test Generation Framework

Haptyc is a python library which was built to add payload position support and Sniper/Clusterbomb/Batteringram/Pitchfork attack types into Turbo Intruder. While Haptyc accomplishes these goals fairly well it also introduces a simpler way to express test sequences in general. While this library wa...

The vulnerability of the Android EMUI operating system’s shell is related to the improper implementation of the sequence of actions that should be performed. This allows attackers to disclose protected information.

The vulnerability of the Android EMUI operating system’s shell is related to the improper implementation of the sequence of actions that need to be performed. Exploiting this vulnerability can allow a remote attacker to disclose protected information...

CVE-2021-38509

Due to an unusual sequence of attacker-controlled events, a Javascript alert dialog with arbitrary although unstyled contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

Buffer overflow

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

The vulnerability of the SAE implementation of the wpa_supplicant function for wireless communication devices with WPA certification lies in the authentication procedures’ flaws, which allow a perpetrator to cause a service failure.

The vulnerability of the SAE function of the wpasupplicant implementation for wireless communication devices with WPA certification is related to incorrect authentication sequence. Exploiting this vulnerability allows a remote attacker to cause service failure...

DEBIAN-CVE-2021-37592

Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments...

CVE-2021-35535

Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process...

ALSA-2021:4649 Moderate: gcc-toolset-10-binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: Developer environment:...

Moderate: Red Hat Security Advisory: rust-toolset:rhel8 security update

An update for the rust-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: rust-toolset:rhel8 security update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes wer...

rust-toolset:rhel8 security update

An update is available for rust-toolset, rust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rust Toolset provides the Rust programming language compiler rustc...

kernel: tcp: add sanity tests to TCP_QUEUE_SEQ

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

Mozilla Firefox has an unspecified vulnerability (CNVD-2021-101164)

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable due to an unusual sequence of events controlled by an attacker, and alert can therefore display arbitrary albeit unstyled content on top of an uncontrolled page of the attacker's choice...

NewStart CGSL CORE 5.04 / MAIN 5.04 : xterm Vulnerability (NS-SA-2021-0107)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has xterm packages installed that are affected by a vulnerability: - xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service segmentation fault via a crafted UTF-8 combining charact...

ECOA BAS controller arbitrary file upload vulnerability

ECOA BAS controller is a BAS controller developed by Ecoa Technologies Corp in Taiwan, China. ECOA BAS controller is vulnerable to arbitrary file uploads, which can be exploited to send specially crafted URL requests to the /upload URI with the file name and rbt parameters containing The "dot"...

CLSA-2021-1632261987 Fix of CVE: CVE-2021-33909

ELS-130: netfilter: xtables: add missing tables zeroing - CLKRN-800: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation...