CVE-2021-38382

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...

CVE-2021-38381

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...

CVE-2021-38382

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...

UBUNTU-CVE-2021-38382

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...

CVE-2021-38381

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...

CVE-2021-38382

Removed by vendor...

Microsoft ファミリーセーフティで家族の安全を見守ろう

～家庭で利用する PC・タブレットの設定ガイド～ ご家庭で PC やタブレットの安全な使い方を話し合いながら設...

CVE-2021-38199

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service hanging of mounts by arranging for those servers to be unreachable during trunking detection...

UBUNTU-CVE-2021-38199

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service hanging of mounts by arranging for those servers to be unreachable during trunking detection...

CVE-2021-38199

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service hanging of mounts by arranging for those servers to be unreachable during trunking detection...

OpSec Leaky Images

Hackers love your marketing department. Fact! Your marketing department love telling the world what happens in your company, then they attach images to the posts, often of staff at work. They ensure the subject is central and the image tells a story. The problem is often they tell hackers a...

CVE-2021-27953

A NULL pointer dereference vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to cause a denial of service, forcing the device to reboot via a crafted HTTP request...

UVI-2021-1001385 NFSv4: Initialise connection to the server in nfs4_alloc_client()

NFSv4: Initialise connection to the server in nfs4allocclient This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.198 by commit...

Heartbeat not seen on one interface of one node in a HA pair

HA setup configured. On one of the nodes, we see that heartbeat not found on interface 0/1. On one of the nodes, when the command "show HA node" is executed, we see the following: Interfaces on which heartbeats are not seen : 0/1 On the other node, we see the following: Interfaces on which...

The vulnerability of the setup/install.php component of the osTicket customer support system, which allows a perpetrator to carry out cross-site scripting attacks

The vulnerability of the osTicket customer support system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

How to Configure NetScaler in a HA Setup to Communicate in Two-Arm Config with Different VLAN Tags

This article describes how to configure the appliances in a high availability setup to communicate in a two-arm configuration with different 802.1q VLAN tags on each arm. In some network topologies, administrators enforce a security policy where VLAN traffic through their switching equipment must...

Citrix Provisioning Services - Machine Creation Fails While Running The PVS CVAD Setup Wizard

The PVS CVAD Setup Wizard fails to create new virtual machines when running on a VMware Hypervisor. vCenter displays an error when the CVAD Setup Wizard fails to complete its task similar to the following: Unable to find device or file /Failed to clone a VM, error: Invalid configuration for devic...

CVE-2020-18174

A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to escalate privileges...

Updated xstream packages fix security vulnerabilities

In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream CVE-2021-21341...

CVE-2021-21406

Combodo iTop is an open source, web based IT Service Management tool. In versions prior to 2.7.4, there is a command injection vulnerability in the Setup Wizard when providing Graphviz executable path. The vulnerability is patched in version 2.7.4 and 3.0.0...