OESA-2021-1267 linuxptp security update

Linuxptp is an implementation of the Precision Time Protocol PTP according to IEEE standard 1588 for Linux. The dual design goals are to provide a robust implementation of the standard and to use the most relevant and modern Application Programming Interfaces API offered by the Linux kernel...

Fedora: Security Advisory for nextcloud (FEDORA-2021-eac0e52f88)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

runC: Container breakout

Background runC is a CLI tool for spawning and running containers according to the OCI specification. Description A vulnerability in runC could allow an attacker to achieve privilege escalation if specific mount configuration prerequisites are satisfied. Impact An attacker may be able to escalati...

DEBIAN-CVE-2021-3571

A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to...

CVE-2021-3571

A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to...

CVE-2021-3571

A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to...

[SECURITY] Fedora 34 Update: nextcloud-20.0.10-1.fc34

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

August 26, 2021—KB5005103 (OS Build 18363.1766) Preview

August 26, 2021—KB5005103 OS Build 18363.1766 Preview NEW 8/24/2021 IMPORTANT Starting in October 2021, there will no longer be optional, non-security releases known as "C" releases for Windows 10, version 1909. Only cumulative monthly security updates known as the "B" or Update Tuesday release...

CVE-2021-3571

A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to...

UBUNTU-CVE-2021-3571

A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to...

CVE-2021-31874

Zoho ManageEngine ADSelfService Plus before 6104, in rare situations, allows attackers to obtain sensitive information about the password-sync database application...

CVE-2021-31874

Zoho ManageEngine ADSelfService Plus before 6104, in rare situations, allows attackers to obtain sensitive information about the password-sync database application...

Information disclosure

Zoho ManageEngine ADSelfService Plus before 6104, in rare situations, allows attackers to obtain sensitive information about the password-sync database application...

CVE-2021-31874

Zoho ManageEngine ADSelfService Plus before 6104, in rare situations, allows attackers to obtain sensitive information about the password-sync database application...

CVE-2021-31874

CVE-2021-31874 affects Zoho ManageEngine ADSelfService Plus prior to version 6104. In rare situations, it allows attackers to obtain sensitive information about the password-sync database. The provided documents describe the disclosure impact but do not include concrete exploit details, affected ...

PT-2024-11320 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible use-after-free in the Linux kernel's watchdog driver. The driver's remove path calls del timer, which does not wait until the timer handler finishes,...

Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path

Exploit Title: Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.syncbreeze.com/ Software Links: https://www.syncbreeze.com/setupsx64/syncbreezesrvsetupv13.6.18x64.exe...

Sync Breeze 13.6.18 - (Multiple) Unquoted Service Path Vulnerability

Exploit Title: Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Vendor Homepage: https://www.syncbreeze.com/ Software Links: https://www.syncbreeze.com/setupsx64/syncbreezesrvsetupv13.6.18x64.exe...

Sync Breeze 13.6.18 Sync Breeze 13.6.18 Unquoted Service Path

Exploit Title: Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.syncbreeze.com/ Software Links: https://www.syncbreeze.com/setupsx64/syncbreezesrvsetupv13.6.18x64.exe...

SUSE: Security Advisory (SUSE-SU-2017:0255-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...