6 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-41767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an...
CVE-2023-30243
Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information...
Netcon NS-ASG SQL注入漏洞
Netcon NS-ASG is an application security gateway from China Netcon Technology Netcon. A security vulnerability exists in Netcon NS-ASG v6.3, which originates from allowing access to sensitive information via TunnelId, leading to SQL injection attacks...
UBUNTU-CVE-2021-41767
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create()
A race condition between pppol2tpsessioncreate and l2tpethcreate in net/l2tp/l2tpnetlink.c was found in the Linux kernel. Calling l2tptunnelfind may result in a new tunnel being created with tunnel id of a previously removed tunnel which wouldn't be protected by the reference counter...
kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create()
A race condition between pppol2tpsessioncreate and l2tpethcreate in net/l2tp/l2tpnetlink.c was found in the Linux kernel. Calling l2tptunnelfind may result in a new tunnel being created with tunnel id of a previously removed tunnel which wouldn't be protected by the reference counter...