Affected Software:
Nitro Pro v 13.47.4.957 and earlier

QID Detection Logic:
It checks for vulnerable version of Nitro Pro by checking the file version of NitroPDF.exe.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3476-1 to address this issue and obtain further details.

Security Fix(es): redis: Lua scripts can overflow the heap-based Lua stack (CVE-2021-32626) redis: Integer overflow issue with Streams (CVE-2021-32627) redis: Integer overflow bug in the ziplist data structure (CVE-2021-32628) redis: Denial of service via Redis Standard Protocol (RESP)
request (CVE-2021-32675) redis: Integer overflow issue with intsets (CVE-2021-32687) redis: Integer overflow issue with strings (CVE-2021-41099)

Affected Products:

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3918 to address this issue and obtain more information.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3472-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3467-1 to address this issue and obtain further details.

Oracle HTTP Server is the Web server component for Oracle Fusion Middleware. It provides a listener for Oracle WebLogic Server and the framework for hosting static pages, dynamic pages, and applications over the Web.

Affected Versions:
Oracle HTTP Server, versions 11.1.1.9.0, 12.2.1.4.0

QID Detection Logic (Authenticated):
This QID checks the vulnerable version of Oracle HTTP Server from file "inventory.xml" from the Home Directory.

A null pointer dereference was found in apache httpd mod_h2.
The highest threat from this flaw is to system integrity. (
( CVE-2021-33193) a null pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed http requests.
The highest threat from this vulnerability is to system availability. (
( CVE-2021-34798) an out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request.
( CVE-2021-36160)

A null pointer dereference was found in apache httpd mod_h2.
The highest threat from this flaw is to system integrity. (
( CVE-2021-33193) a null pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed http requests.
The highest threat from this vulnerability is to system availability. (
( CVE-2021-34798) an out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request.
( CVE-2021-36160) an out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function. (
( CVE-2021-39275)

A heap buffer overflow flaw was found in libsndfile.
This flaw allows an attacker to execute arbitrary code via a crafted wav file.
The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (
( CVE-2021-3246)

A flaw was found in sssd, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands.
This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access.
The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (
( CVE-2021-3621)

A vulnerability in the image verification function of Cisco Expressway Series and
Cisco TelePresence Video Communication Server (VCS) could
allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system.

Affected Products
Cisco Expressway Series and Cisco TelePresence VCS if they were running a release
from x8.8 Prior to 14.0.3 release. Note: This vulnerability was introduced when support for
validation of SHA512 checksums was introduced in Release X8.8.

QID Detection Logic (Unauthenticated):
The check matches version of Cisco TelePresence Video Communication Server Expressway on the exposed banner information under the SIP banner.

Customers are advised to refer to cisco-sa-ewver-c6WZPXRx for more information.

Oracle VM VirtualBox is an x86 virtualization software package.

Affected Versions:-
Oracle VM VirtualBox prior to 6.1.28

QID Detection Logic (Authenticated):
This QID checks the vulnerable version of Oracle VM VirtualBox by checking the file version of file "VirtualBox.exe".

Security Fix(es): grafana: Snapshot authentication bypass (CVE-2021-39226)

Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3769 to address this issue and obtain more information.

Security Fix(es):
grafana: Snapshot authentication bypass (CVE-2021-39226)

Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3770 to address this issue and obtain more information.

Affected Software:
Oracle Database 12.1.0.2

QID Detection Logic (Unauthenticated):
This QID connects the remote server's Oracle listener and reviews the Oracle banner version.

Affected Software:
Oracle Database 12.1.0.2

QID Detection Logic (Authenticated):
Authentication via Oracle Database:
This QID reviews the Oracle output from the table name DBA_REGISTRY_SQLPATCH for patch information.

Affected Software:
Oracle Database 12.2.0.1

QID Detection Logic (Unauthenticated):
This QID connects the remote server's Oracle listener and reviews the Oracle banner version.

Affected Software:
Oracle Database 12.2.01

QID Detection Logic (Authenticated):
Authentication via Oracle Database:
This QID reviews the Oracle output from the table name DBA_REGISTRY_SQLPATCH for patch information.

Affected Software:
Oracle Database 21c

QID Detection Logic (Authenticated):
Authentication via Oracle Database:
This QID reviews the Oracle output from the table name DBA_REGISTRY_SQLPATCH for patch information.

Affected Software:
Oracle Database 19c

QID Detection Logic (Authenticated):
Authentication via Oracle Database:
This QID reviews the Oracle output from the table name DBA_REGISTRY_SQLPATCH for patch information.

Affected Versions:
Oracle WebLogic Server, version(s) 10.3.6.0, 12.1.3.0, 12.2.1.3,12.2.1.4 and 14.1.1.0

QID Detection Logic (Authenticated):
Operating System: Linux
This QID checks to see if Oracle WebLogic Server process is listening on any of the TCP ports. If so, for version 12.x it gets the "Oracle_Home" path, navigates to that directory and reads "registry.xml" and the patch files found in the directory "Oracle_Home"\inventory\patches to check if the installed version is patched.
For version 10.3.6.x, it gets the "Oracle_Home" path, navigates to that directory and reads "registry.xml" and the file "Oracle_Home"\patch_wls1036\registry\patch-registry.xml to check if the installed version is patched.

QID Detection Logic (Authenticated):
Operating System: Windows
For affected 12.x version
The QID checks the "Oracle_Home" path with help of the registry key "HKLM\Software\Oracle". The QID verifies if the affected WebLogic version is installed on the host and then checks if the corresponding patch is applied or not.

For 10.3.6.0
The QID checks if WebLogic v10.3.6.0 is installed by looking at the file WLS_HOME\wlserver_10.3\.product.properties. The QID then checks if the corresponding patch is applied or not. The WLS_HOME is check using the file "systemdrive"\bea\beahomelist.

Patch IDs checked:
WebLogic Server 14.1.1.0 - Patch 33416881
WebLogic Server 12.2.1.4 - Patch 33416868
WebLogic Server 12.2.1.3 - Patch 33412599
WebLogic Server 12.1.3.0 - Patch 33172866
WebLogic Server 10.3.6.0 - Patch 33172858

QID Detection Logic (Unauthenticated) :
The qid sends a "GET console/login/LoginForm.jsp" request to retrieve the WebLogic version installed.

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1367-1 to address this issue and obtain further details.

Security Fix(es): Mozilla: Use-after-free in MessageTask (CVE-2021-38496) Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) Mozilla: Downgrade attack on SMTP STARTTLS connections (CVE-2021-38502) rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

Affected Products:

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3838 to address this issue and obtain more information.

Security Fix(es): Mozilla: Use-after-free in MessageTask (CVE-2021-38496) Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) Mozilla: Downgrade attack on SMTP STARTTLS connections (CVE-2021-38502) rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3839 to address this issue and obtain more information.

Security Fix(es): Mozilla: Use-after-free in MessageTask (CVE-2021-38496) Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) Mozilla: Downgrade attack on SMTP STARTTLS connections (CVE-2021-38502) rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3840 to address this issue and obtain more information.

Security Fix(es): Mozilla: Use-after-free in MessageTask (CVE-2021-38496) Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) Mozilla: Downgrade attack on SMTP STARTTLS connections (CVE-2021-38502) rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3841 to address this issue and obtain more information.

Security Fix(es): Mozilla: Use-after-free in MessageTask (CVE-2021-38496) Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3791 to address this issue and obtain more information.

Security Fix(es): libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658)

Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3810 to address this issue and obtain more information.

Security Fix(es): httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" (CVE-2021-40438) httpd: mod_session: Heap overflow via a crafted SessionHeader value (CVE-2021-26691)

Affected Products:

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3816 to address this issue and obtain more information.

Affected Versions:
MySQL Server, versions 5.7.35 and prior, 8.0.26 and prior.

QID Detection Logic (Unauthenticated):
This QID detects vulnerable versions of MySQL via the banner exposed by the service.

Security Fix(es): httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" (CVE-2021-40438)

Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3836 to address this issue and obtain more information.

Security Fix(es): httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" (CVE-2021-40438)

Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3837 to address this issue and obtain more information.

Security Fix(es): httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" (CVE-2021-40438)

Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.4 x86_64
Red Hat Enterprise Linux Server - AUS 7.3 x86_64
Red Hat Enterprise Linux Server - AUS 7.2 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3856 to address this issue and obtain more information.

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1369-1 to address this issue and obtain further details.

Security Fix(es): kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576) kernel: SVM nested virtualization issue in KVM (AVIC support)
(CVE-2021-3653) kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)
(CVE-2021-3656)

Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Red Hat Virtualization Host 4 for RHEL 7 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3801 to address this issue and obtain more information.

Security Fix(es): kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) kernel: SVM nested virtualization issue in KVM (AVIC support)
(CVE-2021-3653) kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)
(CVE-2021-3656)

Affected Products:

Red Hat Enterprise Linux for Real Time 7 x86_64
Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3802 to address this issue and obtain more information.

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1366-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1365-1 to address this issue and obtain further details.

QID Detection Logic (Authenticated):
This QID lists installed patch to check if the patches are missing.

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected Products:

Red Hat Ansible Engine 2.9 for RHEL 8 x86_64
Red Hat Ansible Engine 2.9 for RHEL 8 s390x
Red Hat Ansible Engine 2.9 for RHEL 8 ppc64le
Red Hat Ansible Engine 2.9 for RHEL 8 aarch64
Red Hat Ansible Engine 2.9 for RHEL 7 x86_64
Red Hat Ansible Engine 2.9 for RHEL 7 s390x
Red Hat Ansible Engine 2.9 for RHEL 7 ppc64le

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3871 to address this issue and obtain more information.

Affected Products:

Red Hat Ansible Engine 2 for RHEL 8 x86_64
Red Hat Ansible Engine 2 for RHEL 8 s390x
Red Hat Ansible Engine 2 for RHEL 8 ppc64le
Red Hat Ansible Engine 2 for RHEL 8 aarch64
Red Hat Ansible Engine 2 for RHEL 7 x86_64
Red Hat Ansible Engine 2 for RHEL 7 s390x
Red Hat Ansible Engine 2 for RHEL 7 ppc64le

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3872 to address this issue and obtain more information.

Affected OS:
Fedora 33

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected OS:
Fedora 33

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected OS:
Fedora 33

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update

Affected OS:
Fedora 33

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

Affected OS:
Fedora 33

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update

Affected OS:
Fedora 34

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update

The Apache HTTP Server for versions 2.4.49, 2.4.50 has fixes for multiple vulnerabilities.

Vulnerabilities:
Apache HTTP Server Remote Code Execution
Apache HTTP Server Path Traversal

QID Detection Logic(s):
This QID sends an HTTP GET request on Web Server and determines version based on the Server Header.

Security Fix(es): Mozilla: Use-after-free in MessageTask (CVE-2021-38496) Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

Affected Products:

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3755 to address this issue and obtain more information.

Security Fix(es): Mozilla: Use-after-free in MessageTask (CVE-2021-38496) Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3756 to address this issue and obtain more information.

Security Fix(es): Mozilla: Use-after-free in MessageTask (CVE-2021-38496) Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498)

Affected Products:

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3757 to address this issue and obtain more information.

Security Fix(es): httpd: mod_proxy: SSRF via a crafted request uri-path (CVE-2021-40438)

Affected Products:

Red Hat JBoss Core Services 1 for RHEL 8 x86_64
Red Hat JBoss Core Services 1 for RHEL 7 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3746 to address this issue and obtain more information.

Security Fix(es): httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" (CVE-2021-40438)

Affected Products:

Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3754 to address this issue and obtain more information.

Security Fix(es): kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)

Affected Products:

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Refer to Red Hat security advisory RHSA-2021:3768 to address this issue and obtain more information.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3451-1 to address this issue and obtain further details.

The affected version of the Apache server allows remote attackers to read files via a Path Traversal vulnerability. This vulnerability only impacts Apache HTTP Server version 2.4.49 with the Require all denied access control configuration disabled. When mod_cgi module is enabled for these aliased paths, it leads to Remote Code Execution on the target server.

QID Detection Logic (Unauthenticated) :
This QID sends a crafted HTTP POST request to /bin/sh with payload to check if the target is exploitable.

Affected Products:
openSUSE Leap 15.3:NonFree
openSUSE Leap 15.2:NonFree


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1358-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3447-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1357-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3445-1 to address this issue and obtain further details.

Affected Product:
Oracle Linux 7

Affected Product:
Oracle Linux 6
Oracle Linux 7

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1343-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3331-1 to address this issue and obtain further details.

Affected Product:
Oracle Linux 8

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1350-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3353-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1341-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3338-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.3


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:3387-1 to address this issue and obtain further details.

Affected Products:
openSUSE Leap 15.2


Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

To install packages using the command line interface, use the command "yum update".

Refer to SUSE security advisory openSUSE-SU-2021:1342-1 to address this issue and obtain further details.

The affected version of the Apache server allows remote attackers to read files via a path traversal vulnerability. This vulnerability only impacts Apache HTTP Server version 2.4.49 with the Require all denied access control configuration disabled.

QID Detection Logic (Unauthenticated) :
This QID sends an HTTP GET request to access the server file /etc/passwd and based on the response confirms if the target is vulnerable.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 5.4 for package py36-yaml
Version range 0.0.0 to 5.4 for package py37-yaml
Version range 0.0.0 to 5.4 for package py38-yaml
Version range 0.0.0 to 5.4 for package py39-yaml

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 1.1.1l,1 for package openssl
Version range 0.0.0 to 3.0.0.b3 for package openssl-devel
Version range 13.0 to 13.0_4 for package FreeBSD
Version range 12.2 to 12.2_10 for package FreeBSD

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 3.8.16 for package rabbitmq

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 4.5.1 for package pg_partman

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 4.3.2 for package libzmq4

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 1.7.1 for package libX11

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 0.10.0 for package rabbitmq-c
Version range 0.0.0 to 0.10.0 for package rabbitmq-c-devel

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 1.20.1,2 for package nginx
Version range 0.0.0 to 1.21.0 for package nginx-devel

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 12.2 to 12.2_6 for package FreeBSD-kernel

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.286 for package jenkins
Version range 0.0.0 to 2.277.3 for package jenkins-lts

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.3.4 for package pglogical

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.8.3 for package tauthon

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.25.2,1 for package mantis-php73
Version range 0.0.0 to 2.25.2,1 for package mantis-php74
Version range 0.0.0 to 2.25.2,1 for package mantis-php80

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.9.20 for package libpano13

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.4.49 for package apache24

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 8.4.2 for package bacula-web

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.4.0 for package cde

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.6.0 to 0.6.2 for package seatd

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.14.19 for package nexus2-oss

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 13.0 to 13.0_4 for package FreeBSD
Version range 12.2 to 12.2_10 for package FreeBSD
Version range 11.4 to 11.4_13 for package FreeBSD

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 13.0 to 13.0_4 for package FreeBSD
Version range 12.2 to 12.2_10 for package FreeBSD
Version range 11.4 to 11.4_13 for package FreeBSD

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

FreeBSD has released a security update.
Affected versions:

Version range 0.0.0 to 2.33.1_5 for package binutils

QID Detection Logic: (Authenticated)
It checks package versions to check for the vulnerable packages.

The PowerLogic metering products are revenue and power quality meters for utility and industrial electrical network monitoring.
AFFECTED PRODUCTS
Schneider Electric is aware of a vulnerability in its PowerLogic ION7400, PM8000 and ION9000 products:All versions prior to V3.0.0

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Customers are advised to refer to CERT MITIGATIONS section SEVD-2021-068-02 for affected packages and patching details.

AFFECTED PRODUCTS
Schneider Electric reports that the vulnerability affects the following products:
homeLYnk Controller, LSS100100, all versions prior to V1.5.0

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Customers are advised to refer to CERT MITIGATIONS section ICSA-17-019-01A for affected packages and patching details.

AFFECTED PRODUCTS
The following products and versions are affected:
Quantum
140NOE77101 Firmware V4.9 and all previous versions,
140NOE77111 Firmware V5.0 and all previous versions,
140NOE77100 Firmware V3.4 and all previous versions,
140NOE77110 Firmware V3.3 and all previous versions,
140CPU65150 Firmware V3.5 and all previous versions,
140CPU65160 Firmware V3.5 and all previous versions,
140CPU65260 Firmware V3.5 and all previous versions,
140NOC77100 Firmware V1.01 and all previous versions, and
140NOC77101 Firmware V1.01 and all previous versions.
Any available conformal-coated versions of the above part numbers.
Premium
TSXETY4103 Firmware V5.0 and all previous versions,
TSXETY5103 Firmware V5.0 and all previous versions,
TSXP571634M Firmware V4.9 and all previous versions,
TSXP572634M Firmware V4.9 and all previous versions,
TSXP573634M Firmware V4.9 and all previous versions,
TSXP574634M Firmware V3.5 and all previous versions,
TSXP575634M Firmware V3.5 and all previous versions,
TSXP576634M Firmware V3.5 and all previous versions, and
TSXETC101 Firmware V1.01 and all previous versions.
Any available conformal-coated versions of the above part numbers.
M340
BMXNOE0100 Firmware V2.3 and all previous versions,
BMXNOE0110 Firmware V4.65 and all previous versions, and
BMXNOC0401 Firmware V1.01 and all previous versions.
The following products are affected by the FTP Service vulnerabilities only (not affected by Telnet or Windriver Debug vulnerabilities)
:
STBNIC2212 Firmware V2.10 and all previous versions,
STBNIP2311 Firmware V3.01 and all previous versions,
STBNIP2212 Firmware V2.73 and all previous versions,
BMXP342020 Firmware V2.2 and all previous versions, and
BMXP342030 Firmware V2.2 and all previous versions.

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Customers are advised to refer to CERT MITIGATIONS section ICSA-12-018-01B for affected packages and patching details.

AFFECTED PRODUCTS
Beckhoff reports that the vulnerabilities may affect the following products:
All Beckhoff Embedded PC Images with a creation date prior to October 22, 2014, and
All TwinCAT Components featuring Automation Device Specification (ADS) communication.

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Customers are advised to refer to CERT MITIGATIONS section ICSA-16-278-02 for affected packages and patching details.

AFFECTED PRODUCTS
Schneider Electric reports that the vulnerability affects the following Modicon M340 PLC products:
BMXNOC0401,
BMXNOE0100,
BMXNOE0100H,
BMXNOE0110,
BMXNOE0110H,
BMXNOR0200,
BMXNOR0200H,
BMXP342020,
BMXP342020H,
BMXP342030,
BMXP3420302,
BMXP3420302H, and
BMXPRA0100.

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Customers are advised to refer to CERT MITIGATIONS section ICSA-15-351-01 for affected packages and patching details.

AFFECTED PRODUCTS
The following ETG3000 FactoryCast HMI Gateways are affected:
TSXETG3000 all versions,
TSXETG3010 all versions,
TSXETG3021 all versions, and
TSXETG3022 all versions.

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Customers are advised to refer to CERT MITIGATIONS section ICSA-15-020-02 for affected packages and patching details.

AFFECTED PRODUCTS
The following versions of I/O-CHECK software are affected by the listed vulnerabilities:
Series PFC100 (750-81xx/xxx-xxx)
Series PFC200 (750-82xx/xxx-xxx)
750-852, 750-831/xxx-xxx, 750-881, 750-880/xxx-xxx, 750-889
750-823, 750-832/xxx-xxx, 750-862, 750-890/xxx-xxx, 750-891

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Customers are advised to refer to CERT MITIGATIONS section ICSA-20-065-01 for affected packages and patching details.

CVE-2021-40719: Deserialization of Untrusted Data
CVE-2021-40721: Cross-site Scripting (Reflected XSS)

Affected Versions:
Adobe Connect 11.2.2 and earlier versions

QID Detection Logic (Unauthenticated):
his QID reads the version.txt file in an unauthenticated request to see if it's vulnerable.

Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability

KB Articles associated with this update are: KB5004780,KB5004779,KB5004778

Affected Versions:
Microsoft Exchange Server 2019 Cumulative Update 10
Microsoft Exchange Server 2019 Cumulative Update 11
Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft Exchange Server 2013 Cumulative Update 23

QID Detection Logic (authenticated):
The QID checks for the version of file Exsetup.exe.

The KB Articles associated with the update:
KB5006674
KB5006699

This QID checks for the file version of ntoskrnl.exe

The following versions of ntoskrnl.exe with their corresponding KBs are verified:
KB5006674-10.0.22000.258
KB5006699-10.0.20348.288

The KB Articles associated with the update:
KB5006670
KB5006675
KB5006674
KB5006669
KB5006699
KB5006743
KB5006728
KB5006714
KB5006729
KB5006739
KB5006732
KB5006736
KB5006715
KB5006667
KB5006672

This QID checks for the file version of ntoskrnl.exe

The following versions of ntoskrnl.exe and Win32k.sys with their corresponding KBs are verified:
KB5006670-10.0.19041.1288
KB5006675-10.0.10240.19086
KB5006674-10.0.22000.258
KB5006669-10.0.14393.4704
KB5006699-10.0.20348.288
KB5006743-6.1.7601.25740
KB5006728-6.1.7601.25740
KB5006714-6.3.9600.20144
KB5006729-6.3.9600.20143
KB5006739-6.2.9200.23489
KB5006732-6.2.9200.23489
KB5006736-6.0.6003.21251
KB5006715-6.0.6003.21251
KB5006667-10.0.18362.1854
KB5006672-10.0.17763.2237

This security update contains the following KBs:

KB5002028
KB5002042
KB5002029
KB5002006
KB4493202
KB5001924

QID Detection Logic:
This authenticated QID checks the file versions from the above Microsoft KB article with the versions on the affected SharePoint system.

KB5002028
KB5002042
KB5002029
KB5002006
KB4493202
KB5001924

This security update contains the following:

MacOS Release Notes
Office Click-2-Run and Office 365 Release Notes
KB5002004
KB5001960
KB5002036
KB5002027
KB5001982
KB4461476
KB5001985
KB4018332
KB5002030
KB5002043

QID Detection Logic:
This authenticated QID checks the file versions from the Microsoft advisory with the versions on the affected office system.

Note: Office click-2-run and Office 365 installations need to be updated manually or need to be set to automatic update. There is no direct download for the patch.

MacOS Release Notes
Office Click-2-Run and Office 365 Release Notes
KB5002004
KB5001960
KB5002036
KB5002027
KB5001982
KB4461476
KB5001985
KB4018332
KB5002030
KB5002043

SonicWall Secure Mobile Access (SMA) is a unified secure access gateway.

Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so.

QID Detection Logic (Unauthenticated):
This QID detects the vulnerable firmware version from Web interface.

Successful exploitation of the vulnerability may allow complete system compromise

Following security issues were discovered:
CVE-2021-1886, CVE-2021-1888, CVE-2021-1889, CVE-2021-1890, CVE-2021-1933, CVE-2021-1946,CVE-2021-0695, CVE-2021-0680, CVE-2021-0681, CVE-2021-1941, CVE-2021-1948, CVE-2021-1974, CVE-2021-30290, CVE-2021-30294, CVE-2021-1909, CVE-2021-1923, CVE-2021-1934, CVE-2021-1935, CVE-2021-1952, CVE-2021-1971, CVE-2021-30295, CVE-2020-26558, CVE-2021-0703, CVE-2021-0652, CVE-2021-0705, CVE-2021-0708, CVE-2020-15358, CVE-2021-0702, CVE-2021-0651, CVE-2021-0483, CVE-2021-0643, CVE-2021-0706

Affected Products :
G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)

Following security issues were discovered:
CVE-2021-1886, CVE-2021-1889, CVE-2021-1888, CVE-2021-1890, CVE-2021-1933, CVE-2021-1946,CVE-2021-1923, CVE-2021-1909, CVE-2021-1935, CVE-2021-1952, CVE-2021-1934, CVE-2021-30290, CVE-2021-30294, CVE-2021-30295, CVE-2021-0695, CVE-2021-1948, CVE-2021-1941, CVE-2021-1974, CVE-2021-1971, CVE-2020-26558, CVE-2021-0703, CVE-2021-0652, CVE-2021-0705, CVE-2021-0708, CVE-2020-15358, CVE-2021-0702, CVE-2021-0651, CVE-2021-0483, CVE-2021-0643, CVE-2021-0706,CVE-2021-0534, CVE-2021-0568, CVE-2021-0554, CVE-2021-0563, CVE-2021-0535, CVE-2021-0543, CVE-2021-0544, CVE-2021-0545, CVE-2021-0546, CVE-2021-0541, CVE-2021-0542, CVE-2021-0551

Affected Products :
G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)

Following security issues were discovered:
CVE-2021-0687,CVE-2021-0644, CVE-2021-0682, CVE-2021-0683, CVE-2021-0684, CVE-2021-0686, CVE-2021-0598, CVE-2021-0688, CVE-2021-0689, CVE-2021-0690, CVE-2021-0595, CVE-2020-26558, CVE-2021-0695, CVE-2021-0680, CVE-2021-0681, CVE-2019-10581, CVE-2021-0518, CVE-2021-30290, CVE-2021-30294, CVE-2021-1941, CVE-2021-1948, CVE-2021-1974, CVE-2021-0869, CVE-2021-30290, CVE-2021-30294, CVE-2021-0685, CVE-2021-0693, CVE-2021-0869,CVE-2021-1957, CVE-2021-1961

Affected Devices :
HUAWEI P series: P30 Pro, P30, P20 Pro, P20
HUAWEI Mate series: Mate 20 X, Mate 20 Pro, Mate 20, Mate 20 RS, Mate 10 Pro, Mate 10, PORSCHE DESIGN HUAWEI Mate RS

Following security issues were discovered:
CVE-2021-0941,CVE-2021-0935,CVE-2021-0936,CVE-2021-0937,CVE-2021-20292,CVE-2021-31916,CVE-2021-0940,CVE-2021-3489,CVE-2021-1966,CVE-2021-1967,CVE-2021-0938,CVE-2021-3490,CVE-2021-0939,CVE-2021-1969,CVE-2020-25285,CVE-2021-29155,CVE-2019-25045,CVE-2021-1968,CVE-2021-29646,CVE-2021-38166

Affected Products :
Pixel 4 XL, Pixel 4, Pixel 3a XL, Pixel 3a, Pixel 3 XL, Pixel 3, Pixel 2 XL, Pixel 2