75 matches found
Fortinet Fortigate Slow HTTP DoS Attacks Mitigation (FG-IR-19-013)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-013 advisory. - An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2,...
Wildfly 跨站脚本漏洞
Wildfly is a powerful, modular and lightweight application server from Wildfly. Wildfly suffers from a cross-site scripting vulnerability that stems from allowing an attacker or insider to execute a deployment with a malicious payload that could trigger undesirable behavior against the server...
Important: nodejs20
Issue Overview: NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/ CVE-2024-27982 An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data i...
Denial of Service (DoS) vulnerability in RSSHub
Impact Passing some special values to the filter and filterout parameters can cause an abnormally high CPU. Impact on the performance of the servers and RSSHub services. Patches It is fixed in 5c4177441417b44a6e45c3c63e9eac2504abeb5b , please update to this or the later versions as soon as...
MGASA-2022-0168 Updated python-twisted packages fix security vulnerability
CVE-2022-21712: It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. CVE-2022-21716: It was discovered that Twisted incorrectly processed SSH handshake data on...
Security Bulletin: Is Blueworks Live affected by CVE-2021-44228 (Log4j Vulnerability)?
Summary Is Blueworks Live affected by CVE-2021-44228 Log4j Vulnerability? Vulnerability Details Please refer to the Flash Alert published here: Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. Off Related...
Vulnerabilities fixed in Nucleus NET stack
Forescout researchers have found 13 vulnerabilities in the Siemens Nucleus NET stack. This is a network stack that is used by both Siemens products as well as products from other vendors used. The vulnerabilities have collectively been named "NUCLEUS:13." assigned. The vulnerabilities were found ...
OPENSUSE-SU-2021:2760-1 Security update for c-ares
This update for c-ares fixes the following issues: Version update to git snapshot 1.17.1+20200724: - CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers bsc1188881 - If aresgetaddrinfo was terminated by an aresdestroy, it would cause crash - Crash in sortaddrinfo if...
Security update for mumble (moderate)
openSUSE Security Update: Security update for mumble Announcement ID: openSUSE-SU-2021:0312-1 Rating: moderate References: 1180068 1182123 Affected Products: openSUSE Backports SLE-15-SP2 An update that contains security fixes can now be installed. Description: This update for mumble fixes the...
Kia Motors Hit With $20M Ransomware Attack – Report
So far, Kia Motors America has publicly acknowledged an “extended system outage,” but ransomware gang DoppelPaymer claimed it has locked down the company’s files in a cyberattack that includes a $20 million ransom demand. That $20 million will gain Kia a decryptor and a guarantee to not to publis...
MGASA-2020-0440 Updated jruby packages fix security vulnerabilities
Response Splitting attack in the HTTP server of WEBrick CVE-2017-17742. Delete directory using symlink when decompressing tar CVE-2019-8320. Escape sequence injection vulnerability in verbose CVE-2019-8321. Escape sequence injection vulnerability in gem owner CVE-2019-8322. Escape sequence...
SUSE-SU-2020:2673-1 Security update for samba
This update for samba to version 4.10.17 fixes the following issues: - Fixed net command unable to negotiate SMB2; bsc1174120; - Update to 4.10.17 - CVE-2020-10745: Invalid DNS or NBT queries containing dots use several seconds of CPU each; bso14378; bsc1173160. - CVE-2020-10730: NULL de-referenc...
SUSE-SU-2020:1913-1 Security update for samba
This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU bsc1173160. - CVE-2020-14303: Fixed an endless loop when receiving at AD DC empty UDP packets bsc117335...
SUSE-SU-2020:0427-1 Security update for nodejs10
This update for nodejs10 fixes the following issues: nodejs10 was updated to version 10.19.0. Security issues fixed: - CVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string CVE-2019-15604, bsc1163104. - CVE-2019-15605: Fixed an HTTP request...
Desktop Studio Error: "Can't Get License Info"
The license server can be registered with XenDesktop either when XenDesktop is configured, or through the Change license server action on the Licensing node in Desktop Studio. When the administrator specifies the address of the license server, Desktop Studio attempts to discover the License...
License Server does not recognize license file
Installed licenses not showing up on the License Administration Console or Licensing Manager...
OPENSUSE-SU-2019:0327-1 Security update for mariadb
This update for mariadb to version 10.2.22 fixes the following issues: Security issues fixed: - CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service bsc1122198. - CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise and lead to...
OPENSUSE-SU-2019:0091-1 Security update for openssh
This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...
How to troubleshoot the Citrix Provisioning Services server
Provisioning Services PVS is software streaming technology that delivers patches, updates and other configuration information to multiple virtual desktop endpoints through a shared desktop image. It centralizes virtual machine management while reducing the operational and storage costs of a...
SUSE-SU-2018:0384-1 Security update for mariadb
This update for mariadb to version 10.0.33 fixes several issues. These security issues were fixed: - CVE-2017-10378: Vulnerability in subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL...