Browse, filter by detection status, or search by CVE to get visibility into upcoming and new detections (QIDs) for all severities.
This is a public beta. We welcome your feedback.
Under investigation:
We are researching a detection and will publish one if
it is feasible.
In development:
We are coding a detection and will typically publish it
within a few days.
Recently published:
We have published the detection on the date indicated,
and it will typically be available in the KnowledgeBase
on shared platforms within a day.
Non-Qualys customers can audit their network for all published vulnerabilities by signing up for a Qualys Free Trial or Qualys Community Edition.
Affected Versions
Firefox for Android prior to 84.1.3
Following security issues are observed:
CVE-2020-15358,CVE-2020-9979,CVE-2020-9976,CVE-2020-9977,CVE-2020-9971,CVE-2020-9972,CVE-2020-9973,CVE-2020-9954,CVE-2020-9876,CVE-2020-9952,CVE-2020-9950,CVE-2020-9951,CVE-2020-9958,CVE-2020-9959,CVE-2020-9992,CVE-2020-9993,CVE-2020-9991,CVE-2020-9996,CVE-2020-10013,CVE-2020-9999,CVE-2019-14899,CVE-2020-13630,CVE-2020-6147,CVE-2020-9773,CVE-2020-13435,CVE-2020-13434,CVE-2020-9963,CVE-2020-9944,CVE-2020-9961,CVE-2020-9946,CVE-2020-9941,CVE-2020-9966,CVE-2020-9965,CVE-2020-9964,CVE-2020-9969,CVE-2020-9968,CVE-2020-9949,CVE-2020-9981,CVE-2020-9983,CVE-2020-9989,CVE-2020-9988,CVE-2020-9943,CVE-2020-9947,CVE-2020-9849,CVE-2020-13631,CVE-2020-9955,CVE-2020-13520
Affected Devices
iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Following security issues are observed:
A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management.
CVE-2020-27951
Unauthorized code execution may lead to an authentication policy violation
Affected Devices
iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch
Affected Products:
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Module for Legacy Software 15-SP1
SUSE Linux Enterprise Module for Development Tools 15-SP1
SUSE Linux Enterprise Module for Basesystem 15-SP1
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0118-1 to address this issue and obtain further details.
Affected Products:
SUSE Linux Enterprise Module for Basesystem 15-SP2
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0127-1 to address this issue and obtain further details.
Affected Products:
Prior to Mozilla Thunderbird 78.6.1
QID Detection Logic (Authenticated):
This checks for vulnerable version of Thunderbird browser.
Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)
Affected Products :
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Refer to Red Hat security advisory RHSA-2021:0052 to address this issue and obtain more information.
Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)
Affected Products :
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Refer to Red Hat security advisory RHSA-2021:0053 to address this issue and obtain more information.
Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)
Affected Products :
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Refer to Red Hat security advisory RHSA-2021:0054 to address this issue and obtain more information.
Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)
Affected Products :
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Refer to Red Hat security advisory RHSA-2021:0055 to address this issue and obtain more information.
Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)
Affected Products :
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Refer to Red Hat security advisory RHSA-2021:0087 to address this issue and obtain more information.
Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)
Affected Products :
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Refer to Red Hat security advisory RHSA-2021:0088 to address this issue and obtain more information.
Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)
Affected Products :
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Refer to Red Hat security advisory RHSA-2021:0089 to address this issue and obtain more information.
Microsoft ended support for Office 2010 Service Pack 2 on October 13, 2020 and provides no further support.
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. (CVE-2020-14318 )
A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14323 )
A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administratorprivileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472 )
</DIV>A flaw was found in postgresql. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25694 )
A flaw was found in postgresql. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25695 )
A flaw was found in the psql interactive terminal of PostgreSQL. If an interactive psql session uses \gset when querying a compromised server, this flaw allows an attacker to execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-25696 )
</DIV>Security Fix(es): postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694)
postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696)
Affected Products :
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Refer to Red Hat security advisory RHSA-2021:0057 to address this issue and obtain more information.
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability. (CVE-2020-14363 )
</DIV>A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs due to SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-15862 )
</DIV>A flaw was found in X.Org Server. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-14345 )
A flaw was found in xorg-x11-server. A integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-14346 )
A flaw was found in X.Org Server. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-14361 )
A flaw was found in X.Org Server. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-14362 )
</DIV>Security Fix(es): ImageMagick: Shell injection via PDF password could result in arbitrary code execution (CVE-2020-29599)
Affected Products :
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Refer to Red Hat security advisory RHSA-2021:0024 to address this issue and obtain more information.
Affected Products:
SUSE Linux Enterprise Module for Realtime 15-SP2
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0108-1 to address this issue and obtain further details.
Affected Products:
SUSE Linux Enterprise Module for Realtime 15-SP1
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0095-1 to address this issue and obtain further details.
Security Fix(es): dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2 (CVE-2021-1723)
Affected Products :
Red Hat Enterprise Linux for x86_64 8 x86_64
Refer to Red Hat security advisory RHSA-2021:0094 to address this issue and obtain more information.
Security Fix(es): dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2 (CVE-2021-1723)
Affected Products :
Red Hat Enterprise Linux for x86_64 8 x86_64
Refer to Red Hat security advisory RHSA-2021:0095 to address this issue and obtain more information.
Security Fix(es): kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)
Affected Products :
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Refer to Red Hat security advisory RHSA-2021:0003 to address this issue and obtain more information.
Security Fix(es): kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)
Affected Products :
Red Hat Enterprise Linux for Real Time 8 x86_64
Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
Refer to Red Hat security advisory RHSA-2021:0004 to address this issue and obtain more information.
Affected Products:
SUSE Linux Enterprise Module for Server Applications 15-SP2
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0093-1 to address this issue and obtain further details.
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Server for SAP 12-SP4
SUSE Linux Enterprise Server for SAP 12-SP3
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP5
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0080-1 to address this issue and obtain further details.
Affected Products:
SUSE Linux Enterprise Module for Desktop Applications 15-SP2
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0071-1 to address this issue and obtain further details.
Affected Products:
SUSE Linux Enterprise Module for Desktop Applications 15-SP1
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0072-1 to address this issue and obtain further details.
Affected versions:
Adobe Animate 21.0 and earlier versions.
QID detection logic:
Qid checks for file Animate.exe in Windows HKLM.
The KB Articles associated with the update:
KB4598288
KB4598287
KB4598243
KB4598278
KB4598275
KB4598242
KB4598285
KB4598229
KB4598245
KB4598230
KB4598297
KB4598231
KB4598279
KB4598289
This QID checks for the file version of ntoskrnl.exe
The following versions of ntoskrnl.exe with their corresponding KBs are verified:
KB4598288 - 6.0.6003.21026
KB4598287 - 6.0.6003.21026
KB4598243 - 10.0.14393.4169
KB4598278 - 6.2.9200.23246
KB4598275 - 6.3.9600.19913
KB4598242 - 10.0.19041.746
KB4598285 - 6.3.9600.19913
KB4598229 - 10.0.18362.1316
KB4598245 - 10.0.17134.1967
KB4598230 - 10.0.17763.1697
KB4598297 - 6.2.9200.23246
KB4598231 - 10.0.10240.18818
KB4598279 - 6.1.7601.24564
KB4598289 - 6.1.7601.24564
Affected Software:
Microsoft System Center 2012 Endpoint Protection
Microsoft Security Essentials
Microsoft System Center 2012 R2 Endpoint Protection
Microsoft System Center Endpoint Protection
Windows Defender
QID Detection Logic (Authenticated):
Detection checks for mpengine.dll file version less than 1.1.17700.4
Affected Version:
Microsoft Edge based on Chromium Prior to version 87.0.664.75
QID Detection Logic: (authenticated)
Operating System: Windows
The install path is checked via registry "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command". The version is checked via file msedge.exe.
QID Detection Logic: (authenticated)
Operating System: MacOS
The QID checks for vulnerable version of Microsoft Edge from installed application list.
Google Chrome is affected by following Vulnerability.
CVE-2021-21106: Use after free in autofill.
CVE-2021-21107: Use after free in drag and drop.
CVE-2021-21108: Use after free in media.
CVE-2021-21109: Use after free in payments.
CVE-2021-21110: Use after free in safe browsing.
CVE-2021-21111: Insufficient policy enforcement in WebUI.
CVE-2021-21112: Use after free in Blink.
CVE-2021-21113: Heap buffer overflow in Skia.
CVE-2020-16043: Insufficient data validation in networking.
CVE-2021-21114: Use after free in audio.
CVE-2020-15995: Out of bounds write in V8.
CVE-2021-21115: Use after free in safe browsing.
CVE-2021-21116: Heap buffer overflow in audio.
Affected Versions:
Google Chrome Prior to 87.0.4280.141.
QID Detection Logic(Authenticated):
This QID checks for vulnerable version of Google Chrome on Windows , MAC OS and Linux OS.
QID Detection Logic (Authenticated):
Detection looks for Microsoft SQL Server instances and checks sqlservr.exe file version
This security update contains the following KBs:
KB4493162
KB4493163
KB4493175
KB4493178
KB4493161
KB4486683
KB4493167
KB4493187
KB4486736
KB4486724
QID Detection Logic:
This authenticated QID checks the file versions from the above Microsoft KB article with the versions on the affected SharePoint system.
Affected Product::
HEVCVideoExtension prior to 1.0.33242.0
QID detection Logic:
Detection gets the version of HEVCVideoExtension by querying wmi class Win32_InstalledStoreProgram.
This security update contains the following KBs:
KB4493171
KB4486764
KB4493145
KB4493142
KB4493156
KB4493160
KB4486759
KB4493181
KB4493176
KB4493186
KB4493168
KB4493165
KB4486762
KB4493143
KB4486755
QID Detection Logic:
This authenticated QID checks the file versions from the Microsoft advisory with the versions on the affected office system.
Note: Office click-2-run and Office 365 installations need to be updated manually or need to be set to automatic update. There is no direct download for the patch.
Microsoft Hyper-V is prone to the following vulnerabilities:
CVE-2021-1691 - Hyper-V Denial of Service Vulnerability
CVE-2021-1692 - Hyper-V Denial of Service Vulnerability
CVE-2021-1704 - Windows Hyper-V Elevation of Privilege Vulnerability
This security update is rated Important for all supported editions of Windows.
Adobe InCopy is affected with Arbitrary Code Execution Vulnerability.
Affected Versions:
Adobe InCopy 15.1.3 and earlier versions
QID Detection Logic (Authenticated):
This checks for vulnerable versions of InCopy.
Wireshark 1.6 has been detected on the host. Support for Wireshark 1.6 ended on June 7, 2013. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 1.10 has been detected on the host. Support for Wireshark 1.10 ended on June 5, 2015. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 2.0 has been detected on the host. Support for Wireshark 2.0 ended on November 18, 2017. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 2.6 has been detected on the host. Support for Wireshark 2.6 ended on October 18, 2020. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 1.0 has been detected on the host. Support for Wireshark 1.0 ended on September 30, 2010. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 1.2 has been detected on the host. Support for Wireshark 1.2 ended on June 30, 2011. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 1.4 has been detected on the host. Support for Wireshark 1.4 ended on August 30, 2012. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 1.12 has been detected on the host. Support for Wireshark 1.12 ended on July 31, 2016. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 2.2 has been detected on the host. Support for Wireshark 2.2 ended on September 7, 2018. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 2.4 has been detected on the host. Support for Wireshark 2.4 ended on October 18, 2020. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Wireshark 3.0 has been detected on the host. Support for Wireshark 3.0 ended on August 28, 2020. Since there will be no further bug fixes or security updates for this version of Wireshark, it highly is recommended that you migrate newer supported versions.
Security Fix(es): mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep (CVE-2020-15180)
mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
(CVE-2019-2938)
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
(CVE-2019-2974)
mysql: C API unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2752)
mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2760)
mysql: Server: DML unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2780)
mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2812)
mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2814)
mariadb-connector-c: Improper validation of content in a OK packet received from server (CVE-2020-13249)
mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
(CVE-2020-14765)
mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
(CVE-2020-14776)
mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
(CVE-2020-14789)
mysql: Server: Locking unspecified vulnerability (CPU Oct 2020)
(CVE-2020-14812)
mysql: C API unspecified vulnerability (CPU Jan 2020)
(CVE-2020-2574)
Affected Products :
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Refer to Red Hat security advisory RHSA-2020:5654 to address this issue and obtain more information.
Security Fix(es): mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep (CVE-2020-15180)
mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
(CVE-2019-2938)
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
(CVE-2019-2974)
mysql: C API unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2752)
mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2760)
mysql: Server: DML unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2780)
mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2812)
mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
(CVE-2020-2814)
mariadb-connector-c: Improper validation of content in a OK packet received from server (CVE-2020-13249)
mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
(CVE-2020-14765)
mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
(CVE-2020-14776)
mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
(CVE-2020-14789)
mysql: Server: Locking unspecified vulnerability (CPU Oct 2020)
(CVE-2020-14812)
mysql: C API unspecified vulnerability (CPU Jan 2020)
(CVE-2020-2574)
Affected Products :
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Refer to Red Hat security advisory RHSA-2020:5665 to address this issue and obtain more information.
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories :
Fedora 32 Update
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories :
Fedora 32 Update
Affected Software:
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 - 16.6)
Microsoft Visual Studio 2019 version 16.0
Microsoft Visual Studio 2019 version 16.8
QID Detection Logic:Authenticated
This QID detects vulnerable versions of Microsoft Visual Studio by checking file version of devenv.exe.
CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
Affected Products:
Prior to Firefox 84.0.2
QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.
CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
Affected Products:
Prior to Firefox ESR 78.6.1
QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. (CVE-2020-14318 )
A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14323 )
A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administratorprivileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472 )
</DIV>A flaw was found in libexif. A possible out of bounds write, due ot an integer overflow, could lead to a remote code execution if a third party app used this library to process remote image data. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-0452 )
</DIV>When drawing a transparent image on top of an unknown cross-origin image, the Skia library `drawImage` function took a variable amount of time depending on the content of the underlying image. This resulted in potential cross-origin information exposure of image content through timing side-channel attacks. (CVE-2020-16012 )
The Mozilla Foundation Security Advisory describes this flaw as:When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read. (CVE-2020-16042 )
A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26951 )
It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26953 )
In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26956 )
Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26958 )
During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26959 )
If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26960 )
When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding attack. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26961 )
Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature
</DIV>A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs due to SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-15862 )
</DIV>Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names. (CVE-2020-8201 )
A flaw was found in Node.js 14.x, in versions before 14.11, where it is vulnerable to a denial of service caused by delayed requests. When used as an edge server, this flaw allows an attacker to initiate a large number of HTTP requests, causing resource exhaustion and leaving the service unable to accept new connections. The highest threat from this vulnerability is to system availability. (CVE-2020-8251 )
</DIV>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file, aka 'Visual Studio JSON Remote Code Execution Vulnerability'.
Affected Versions:
Visual studio code prior to version 1.48.2
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of visual studio code.
Affected Products:
SUSE Linux Enterprise Server for SAP 15
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0029-1 to address this issue and obtain further details.
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Server for SAP 12-SP4
SUSE Linux Enterprise Server for SAP 12-SP3
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP5
To install packages using the command line interface, use the command "yum update".
Refer to Suse security advisory SUSE-SU-2021:0018-1 to address this issue and obtain further details.
Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF.
Affected versions:
private-ip including and prior to 1.0.5
QID Detection logic:(Authenticated)
It fires npm list | grep 'private-ip' command to check the Private-IP package version
Affected Versions:
Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45
QID Detection Logic (Un-authenticated):
Intel AMT and ISM when enabled exposes its version remotely on TCP ports 16992, 16993. This QID matches vulnerable versions based on the exposed information.
procps-ng is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
Vulnerable Component: BIG-IP ASM, APM,LTM
Affected Versions:
13.1.0 - 13.1.3
12.1.0 - 12.1.5
11.6.1 - 11.6.5
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
Affected OS: EulerOS V2.0SP2
Affected OS: EulerOS V2.0SP8
A hardcoded credential vulnerability was identified in the zyfwp user account in some Zyxel firewalls and AP controllers.
Affected Versions:
ATP series running firmware ZLD V4.60
USG series running firmware ZLD V4.60
USG FLEX series running firmware ZLD V4.60
VPN series running firmware ZLD V4.60
NXC2500
NXC5500
QID Detection Logic:(authenticated)
This QID tries to log in on a target using hardcoded credentials.
