363 matches found
CVE-2021-43090
An XML External Entity XXE vulnerability exists in soa-model before 1.6.4 in the WSDLParser function...
Xxe
An XML External Entity XXE vulnerability exists in soa-model before 1.6.4 in the WSDLParser function...
CVE-2021-43090
An XML External Entity XXE vulnerability exists in soa-model before 1.6.4 in the WSDLParser function...
CVE-2021-43090
CVE-2021-43090 describes an XML External Entity (XXE) vulnerability in the Membrane soa-model library (WSDLParser) affecting versions before 1.6.4. The issue arises from XXE handling in the WSDLParser function, with a fix released in 1.6.4. Public references include a GitHub release/commit path s...
Membrane SOA Model 代码问题漏洞
Membrane SOA Model is an open source toolkit and Java API for WSDL and XML Schema. A code issue vulnerability exists in all versions of Membrane SOA Model that stems from an XML External Entity XXE: XML External Entity vulnerability in the WSDLParser method...
Mageia: Security Advisory (MGASA-2021-0275)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...
ROS-2-1001
2.1001 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-1277
2.1277 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-546
2.546 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...
IBM DataPower Gateway Code Injection Vulnerability
IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface API, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates, and optimizes access across channel...
MGASA-2021-0275 Updated bind packages fix a security vulnerability
Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...
Updated bind packages fix a security vulnerability
Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...
Medium: bind
Issue Overview: Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for...
ISC BIND Malformed IXFR DoS (CVE-2021-25214)
According to its self-reported version, the ISC Bind present on the remote host is affected by a denial of service vulnerability: - Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name...
ISC BIND DoS Vulnerability (CVE-2021-25214) - Linux
ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2021-25214
Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...
ISC BIND 安全漏洞
ISC BIND is a suite of open source software that implements the DNS protocol from ISC USA. A security vulnerability exists in ISC BIND that causes the receiving named server to inadvertently delete SOA records for problematic zones from the zone database...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA (March 2021)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component...