CVE-2023-3920

Summary of CVE-2023-3920 (GitLab) Affected: GitLab versions 11.2 up to, but excluding, 16.2.8; 16.3 up to, but excluding, 16.3.5; and 16.4 up to, but excluding, 16.4.1.Root cause: Maintainers could create a fork relationship between existing projects contrary to the documentation. This is the und...

CVE-2023-41878 Weak password of selenium VNC in MeterSphere

MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing. The Selenium VNC config used in Metersphere is using a weak password by default, attackers can login to vnc and obtain high...

PVS Target Device Stuck at "Applying Computer Settings"

Provisioning Services PVS target device fail to boot. The target device stuck at applying computer settings stage and then trigger restart...

ICA Session fails when connected from Citrix Workspace App

ICA Session fails when connected from Citrix Workspace App DesktopViewer Crash...

CVE-2023-42441 Vyper has incorrect re-entrancy lock when key is empty string

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine EVM. Starting in version 0.2.9 and prior to version 0.3.10, locks of the type @nonreentrant"" or @nonreentrant'' do not produce reentrancy checks at runtime. This issue is fixed in version 0.3.10. As a workaround, ensure...

SUSE-SU-2023:3634-1 Security update for libwebp

This update for libwebp fixes the following issues: - CVE-2023-4863: Fixed heap buffer overflow bsc1215231...

PT-2023-11398 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It mentions that the candidate is unused by its CNA and refers to the Nationa...

NetScaler native OTP (One-Time Password) device registration failure

Can't register device for native OTP authentication in NetScaler...

CVE-2023-36307

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

PT-2023-26435 · Unknown · Vowifiservice

Name of the Vulnerable Software and Affected Versions: vowifiservice affected versions not specified Description: The issue is related to a possible missing permission check in vowifiservice. This could lead to local escalation of privilege with no additional execution privileges. Recommendations...

Prompt Error "Feature is not implemented" after Read-Only users login GUI

Read-only user login GUI and get an error "Feature is not implemented"...

iOS Workspace Error "Http/1.1 Internal Server Error 43549" via Gateway nFactor Authentication

Workspace for iOS shows "Http/1.1 Internal Server Error 43549" after successful authentication via NetScaler Gateway. Workspace for Windows works fine. AAA nFactorauthentication profile is configured in NetScaler Gateway...

OSV-2023-764 Heap-buffer-overflow in pim_pim_packet

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61854 Crash type: Heap-buffer-overflow READ 2 Crash state: pimpimpacket pimmain.c...

BELL-CVE-2023-39810

Bulletin has no description...

DNS monitor LAST RESPONSE "Failure - ICMP port unreachable"

DNS type monitor LAST RESPONSE displayed"Failure - ICMP port unreachable" like below:...

SUSE-SU-2023:3409-1 Security update for erlang

This update for erlang fixes the following issues: - Replaced the CVE-2022-37026 patch with the one released by the upstream to fix a regression in the previous one. bsc1205318...

How to change NSIP's and SNIP of the Citrix ADC which is configured in HA pair

Citrix ADC 13.1 - ADC is down after changing the NSIP and removing one of the interface on the ADC and binding other interface with different VLAN configurations...

CVE-2020-19909

Integer overflow vulnerability in tooloperate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may in theory cause a denial of service to associated systems or networks if, for example,...

BELL-CVE-2022-45703

Bulletin has no description...

"404 Not Found" Error When Accessing NetScaler Gateway index.html Page After NetScaler Upgrade

Following an NetScaler upgrade, attempting to access the Citrix Gateway index.html page results in a "404 Not Found" error...