Lucene search
K

363 matches found

OSV
OSV
added 2022/03/25 4:15 p.m.20 views

CVE-2021-43090

An XML External Entity XXE vulnerability exists in soa-model before 1.6.4 in the WSDLParser function...

9.8CVSS9.5AI score
Exploits0References4
Prion
Prion
added 2022/03/25 4:15 p.m.15 views

Xxe

An XML External Entity XXE vulnerability exists in soa-model before 1.6.4 in the WSDLParser function...

7.5CVSS9.4AI score0.01896EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/03/25 3:47 p.m.27 views

CVE-2021-43090

An XML External Entity XXE vulnerability exists in soa-model before 1.6.4 in the WSDLParser function...

9.7AI score0.01896EPSS
Exploits1References4
CVE
CVE
added 2022/03/25 3:47 p.m.96 views

CVE-2021-43090

CVE-2021-43090 describes an XML External Entity (XXE) vulnerability in the Membrane soa-model library (WSDLParser) affecting versions before 1.6.4. The issue arises from XXE handling in the WSDLParser function, with a fix released in 1.6.4. Public references include a GitHub release/commit path s...

9.8CVSS9.4AI score0.01896EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2022/03/25 12:0 a.m.5 views

Membrane SOA Model 代码问题漏洞

Membrane SOA Model is an open source toolkit and Java API for WSDL and XML Schema. A code issue vulnerability exists in all versions of Membrane SOA Model that stems from an XML External Entity XXE: XML External Entity vulnerability in the WSDLParser method...

9.8CVSS8.4AI score0.01896EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2021-0275)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.0594EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/09 6:9 p.m.4 views

bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

6.5CVSS7.2AI score0.0594EPSS
Exploits0References5
Redos
Redos
added 2021/09/08 12:0 a.m.34 views

ROS-2-1001

2.1001 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.83406EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.21 views

ROS-2-1277

2.1277 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.83406EPSS
Exploits3
Redos
Redos
added 2021/09/08 12:0 a.m.16 views

ROS-2-546

2.546 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.83406EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/08/31 9:22 a.m.6 views

bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

6.5CVSS7.2AI score0.0594EPSS
Exploits0References5
CNVD
CNVD
added 2021/08/18 12:0 a.m.17 views

IBM DataPower Gateway Code Injection Vulnerability

IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface API, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates, and optimizes access across channel...

6.5CVSS2.8AI score0.004EPSS
Exploits0References1
OSV
OSV
added 2021/06/23 5:11 p.m.8 views

MGASA-2021-0275 Updated bind packages fix a security vulnerability

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

6.5CVSS6.9AI score0.0594EPSS
Exploits0References4
Mageia
Mageia
added 2021/06/23 5:11 p.m.46 views

Updated bind packages fix a security vulnerability

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

6.5CVSS2.6AI score0.0594EPSS
Exploits0References3
Amazon
Amazon
added 2021/06/23 12:0 a.m.36 views

Medium: bind

Issue Overview: Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for...

6.5CVSS8.1AI score0.0594EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.29 views

ISC BIND Malformed IXFR DoS (CVE-2021-25214)

According to its self-reported version, the ISC Bind present on the remote host is affected by a denial of service vulnerability: - Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name...

6.5CVSS7.3AI score0.0594EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/30 12:0 a.m.22 views

ISC BIND DoS Vulnerability (CVE-2021-25214) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

6.5CVSS7.1AI score0.0594EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2021/04/29 3:48 a.m.43 views

CVE-2021-25214

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

6.5CVSS7AI score0.0594EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.5 views

ISC BIND 安全漏洞

ISC BIND is a suite of open source software that implements the DNS protocol from ISC USA. A security vulnerability exists in ISC BIND that causes the receiving named server to inadvertently delete SOA records for problematic zones from the zone database...

6.5CVSS7AI score0.0594EPSS
Exploits0References34
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/02 9:40 a.m.54 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA (March 2021)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component...

5.8CVSS3.3AI score0.03713EPSS
Exploits0Affected Software1
Rows per page
Query Builder