903 matches found
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Removed by vendor...
Eclipse Jetty Resource Management Error Vulnerability
Eclipse Jetty is an open source, Java-based web server and Java Servlet container from the Eclipse Foundation. A security vulnerability exists in Eclipse Jetty 7.2.2 through 9.4.38, 10.0.0.alpha0 through 10.0.1, and 11.0.0.alpha0 through 11.0.1, which stems from abnormal processing after receivin...
CVE-2021-1267 Cisco Firepower Management Center XML Entity Expansion Vulnerability
A vulnerability in the dashboard widget of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper restrictions on XML entities. An attacker could exploit th...
CVE-2020-27715
On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, a crafted TLS request to the BIG-IP management interface via port 443 can cause high (100%) CPU utilization by the httpd daemon...
Design/Logic Flaw
On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, a crafted TLS request to the BIG-IP management interface via port 443 can cause high (100%) CPU utilization by the httpd daemon...
CVE-2020-27715
CVE-2020-27715 affects F5 BIG-IP configurations vulnerable to a crafted TLS request to the management interface on port 443, causing near-100% CPU in httpd. Affected: BIG-IP versions 15.1.0–15.1.0.5, 14.1.0–14.1.3. Remediation per F5 K25691186: upgrade to 15.1.1 for 15.x, 14.1.3.1 for 14.x, or 16...
How the Edge Improves Microservices
Microservice architecture has transformed the way we develop and operate our applications. Microservices aren't a technology or a programming language. Instead, they create a structure for designing and building applications based on the idea that the individual functions of a website should...
F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K25691186)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.3.1 / 15.1.1 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K25691186 advisory. - On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via...
Microsoft Revamps ‘Invasive’ M365 Feature After Privacy Backlash
Microsoft has announced what it calls a more privacy-friendly version of its Productivity Score enterprise feature, following backlash from security experts who condemned it as a “full-fledged workplace surveillance tool.” The Productivity Score feature, which was launched as part of the Microsof...
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-2083)
This update for java-1_8_0-openjdk fixes the following issues: - Fix regression '8250861: Crash in MinINode::Ideal(PhaseGVN*, bool)', introduced in October 2020 CPU. - Update to version jdk8u272 (icedtea 3.17.0) (July 2020 CPU, bsc#1174157, and October 2020 CPU, bsc#1177943) - New features + JDK-8245468: A...
Security Bulletin: Rational Developer for System z - Add support for TLS v1.2 with MS-CAPI in HCE
Summary: IBM Rational Developer for System z has added support for TLS v1.2 with MS-CAPI in the Host Connection Emulator. Vulnerability Details: CVEID: CVE-2017-1796. DESCRIPTION: IBM Developer for z Systems uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt...
Security Bulletin: Rational Developer for System z CPU utilization (CVE-2014-0963)
Summary: IBM Rational Developer for System z is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.
Juniper Junos OS SRX Series: High CPU Load Utilization Vulnerability (JSA11081)
The version of Junos OS installed on the remote host is SRX Series prior to 12.3X48-D105, 15.1X49-D221, 17.4R3-S3, 18.1R3-S11, 18.2R3-S3, 18.3R2-S4, 18.4R2-S5, 19.1R2-S2, 19.2R1-S5, 19.3R3, or 19.4R2. It is, therefore, affected by a vulnerability as referenced in the JSA11081 advisory. Note that...
CVE-2020-1684
On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. Application identification is enabled by default and is automatically turned on when...
CVE-2020-3567
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient...
Input validation
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient...
CVE-2020-3567 Cisco Industrial Network Director Denial of Service Vulnerability
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient...