Vulnerability Detection Pipeline

Upcoming and New QIDs

Browse, filter by detection status, or search by CVE to get visibility into upcoming and new detections (QIDs) for all severities.

Detection Status

  • Under investigation: We are researching a detection and will publish one if it is feasible.
  • In development: We are coding a detection and will typically publish it within a few days.
  • Recently published: We have published the detection on the date indicated, and it will typically be available in the KnowledgeBase on shared platforms within a day.

Non-Qualys customers can audit their network for all published vulnerabilities by signing up for a Qualys Free Trial or Qualys Community Edition.

172 results
CVE
Title
Severity
  • CVE-2021-3177+
    In Development

    Python Buffer Overflow/Web Cache Poisoning Vulnerability

    Severity
    Urgent 5
    Qualys ID
    375537
    Vendor Reference
    CVE-2021-23336, CVE-2021-3177
    CVE Reference
    CVE-2021-3177, CVE-2021-23336
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Python is an interpreted, high-level and general-purpose programming language.

    CVE-2021-3177: A vulnerability in Python 3 may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

    Affected Versions:
    Python Versions 3.X up to 3.6.12
    Python Versions 3.7.0 up to 3.7.9
    Python Versions 3.8.0 up to 3.8.7
    Python Versions 3.9.0 up to 3.9.1

    CVE-2021-23336: A vulnerability in Python may lead to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking.

    Affected Versions:
    Python Versions 0.X up to 3.6.12
    Python Versions 3.7.0 up to 3.7.9
    Python Versions 3.8.0 up to 3.8.7
    Python Versions 3.9.0 up to 3.9.1

    QID Detection Logic (Authenticated):
    Detects the installed Python version from either py.exe or the patchlevel.h file.

    Consequence
    Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary commands on the target system.
    Solution
    The vendor has released a fix for this issue.
    Refer to issue tracker CVE-2021-3177 to address this vulnerability and obtain further details.
    Patches
    CVE-2021-23336, CVE-2021-3177
  • CVE-2021-0473+
    In Development

    Google Android May 2021 Security Patch Missing for LGE

    Severity
    Urgent 5
    Qualys ID
    610341
    Vendor Reference
    SMR-May-2021
    CVE Reference
    CVE-2021-0473, CVE-2021-0474, CVE-2021-0475, CVE-2020-25705, CVE-2020-11246, CVE-2020-11234, CVE-2020-15436, CVE-2020-29368, CVE-2020-11251, CVE-2020-11236, CVE-2020-11247, CVE-2020-11237, CVE-2020-11191, CVE-2020-11255, CVE-2020-11243, CVE-2021-0445, CVE-2021-0428, CVE-2021-0472, CVE-2021-0485, CVE-2021-0487, CVE-2021-0482, CVE-2021-0484, CVE-2021-0476, CVE-2021-0477, CVE-2021-0481, CVE-2021-0466, CVE-2021-0480, CVE-2021-0375, CVE-2021-0387, CVE-2021-0369, CVE-2021-0382, CVE-2021-0368, CVE-2021-0374, CVE-2021-0378, CVE-2021-0379, CVE-2021-0384, CVE-2021-0370, CVE-2021-0372, CVE-2021-0377, CVE-2021-0380, CVE-2021-0383, CVE-2021-0386, CVE-2021-0388, CVE-2021-0371
    CVSS Scores
    Base 9.1 / Temporal 7.9
    Description
    Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.

    Following security issues were discovered:
    CVE-2021-0473, CVE-2021-0474, CVE-2021-0475, CVE-2020-25705, CVE-2020-11246, CVE-2020-11234, CVE-2020-15436, CVE-2020-29368, CVE-2020-11251, CVE-2020-11236, CVE-2020-11247, CVE-2020-11237, CVE-2020-11191, CVE-2020-11255, CVE-2020-11243, CVE-2021-0445, CVE-2021-0428, CVE-2021-0472, CVE-2021-0485, CVE-2021-0487, CVE-2021-0482, CVE-2021-0484, CVE-2021-0476, CVE-2021-0477, CVE-2021-0481, CVE-2021-0466, CVE-2021-0480, CVE-2021-0375, CVE-2021-0387, CVE-2021-0369, CVE-2021-0382, CVE-2021-0368, CVE-2021-0374, CVE-2021-0378, CVE-2021-0379, CVE-2021-0384, CVE-2021-0370, CVE-2021-0372, CVE-2021-0377, CVE-2021-0380, CVE-2021-0383, CVE-2021-0386, CVE-2021-0388, CVE-2021-0371

    Affected Products:
    G series (G5, G6, G7, G8), V series (V10, V20, V30, V35, V40, V50), Q Series (Q6, Q8), X Series (X300, X400, X500, X cam), CV Series (CV1, CV3, CV5, CV7, CV1S, CV7AS), MH (K40, K50, Q60, Q70)

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Refer to LGE Security advisory SMR-May-2021 to address this issue and obtain more information.
    Patches
    Android SMR-May-2021
  • CVE-2021-0473+
    In Development

    Google Android May 2021 Security Patch Missing for Samsung

    Severity
    Urgent 5
    Qualys ID
    610340
    Vendor Reference
    SMR-May-2021
    CVE Reference
    CVE-2021-0473, CVE-2021-0474, CVE-2021-0475, CVE-2020-11210, CVE-2020-15436, CVE-2020-25705, CVE-2021-0468, CVE-2020-11234, CVE-2020-11191, CVE-2020-11236, CVE-2020-11237, CVE-2020-11242, CVE-2020-11243, CVE-2020-11245, CVE-2020-11246, CVE-2020-11247, CVE-2020-11251, CVE-2020-11252, CVE-2020-11255, CVE-2021-0445, CVE-2021-0428, CVE-2021-0472, CVE-2021-0485, CVE-2021-0487, CVE-2021-0482, CVE-2021-0484, CVE-2021-0476, CVE-2021-0477, CVE-2021-0481, CVE-2021-0466, CVE-2021-0480
    CVSS Scores
    Base 9.1 / Temporal 7.9
    Description
    Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.

    Following security issues were discovered:
    CVE-2021-0473, CVE-2021-0474, CVE-2021-0475, CVE-2020-11210, CVE-2020-15436, CVE-2020-25705, CVE-2021-0468, CVE-2020-11234, CVE-2020-11191, CVE-2020-11236, CVE-2020-11237, CVE-2020-11242, CVE-2020-11243, CVE-2020-11245, CVE-2020-11246, CVE-2020-11247, CVE-2020-11251, CVE-2020-11252, CVE-2020-11255, CVE-2021-0445, CVE-2021-0428, CVE-2021-0472, CVE-2021-0485, CVE-2021-0487, CVE-2021-0482, CVE-2021-0484, CVE-2021-0476, CVE-2021-0477, CVE-2021-0481, CVE-2021-0466, CVE-2021-0480

    Affected Products:
    G series (G5, G6, G7, G8), V series (V10, V20, V30, V35, V40, V50), Q Series (Q6, Q8), X Series (X300, X400, X500, X cam), CV Series (CV1, CV3, CV5, CV7, CV1S, CV7AS), MH (K40, K50, Q60, Q70)

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Refer to Samsung Security advisory SMR-May-2021 to address this issue and obtain more information.
    Patches
    Android SMR-May-2021
  • CVE-2020-0000
    Under Investigation

    Re-Use

    Severity
    Urgent 5
    Qualys ID
    610339
    Vendor Reference
    May 2021
    CVE Reference
    CVE-2020-0000
    CVSS Scores
    Base / Temporal
    Description
    Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.

    Following security issues were discovered:
    CVE-2020-0000

    Affected Devices:
    HUAWEI P series: P30 Pro, P30, P20 Pro, P20
    HUAWEI Mate series: Mate 20 X, Mate 20 Pro, Mate 20, Mate 20 RS, Mate 10 Pro, Mate 10, PORSCHE DESIGN HUAWEI Mate RS

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Refer to HUAWEI Security advisory May 2021 to address this issue and obtain more information.
    Patches
    Android May 2021
  • CVE-2020-11295+
    In Development

    Google Pixel Android May 2021 Security Patch Missing

    Severity
    Urgent 5
    Qualys ID
    610337
    Vendor Reference
    Pixel Update Bulletin May2021
    CVE Reference
    CVE-2020-11295, CVE-2020-11294, CVE-2020-11293, CVE-2020-11254, CVE-2020-25656, CVE-2020-27825, CVE-2020-27786
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.

    Following security issues were discovered:
    CVE-2020-11295, CVE-2020-11294, CVE-2020-11293, CVE-2020-11254, CVE-2020-25656, CVE-2020-27825, CVE-2020-27786

    Affected Products:
    Pixel 4 XL, Pixel 4, Pixel 3a XL, Pixel 3a, Pixel 3 XL, Pixel 3, Pixel 2 XL, Pixel 2

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Refer to Google Pixel advisory Google Pixel Android May2021 to address this issue and obtain more information.
    Patches
    Android May 2021
  • CVE-2021-25215
    In Development

    Red Hat Update for bind (RHSA-2021:1469)

    Severity
    Critical 4
    Qualys ID
    239269
    Vendor Reference
    RHSA-2021:1469
    CVE Reference
    CVE-2021-25215
    CVSS Scores
    Base / Temporal
    Description
    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es): bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Enterprise Linux Workstation 7 x86_64
    Red Hat Enterprise Linux Desktop 7 x86_64
    Red Hat Enterprise Linux for IBM z Systems 7 s390x
    Red Hat Enterprise Linux for Power, big endian 7 ppc64
    Red Hat Enterprise Linux for Scientific Computing 7 x86_64
    Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1469 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1469
  • CVE-2021-25215
    In Development

    Red Hat Update for bind (RHSA-2021:1477)

    Severity
    Critical 4
    Qualys ID
    239268
    Vendor Reference
    RHSA-2021:1477
    CVE Reference
    CVE-2021-25215
    CVSS Scores
    Base / Temporal
    Description
    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es): bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
    Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
    Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
    Red Hat Enterprise Linux Server - AUS 7.7 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
    Red Hat Enterprise Linux Server - TUS 7.7 x86_64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1477 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1477
  • CVE-2021-25215
    In Development

    Red Hat Update for bind (RHSA-2021:1478)

    Severity
    Critical 4
    Qualys ID
    239267
    Vendor Reference
    RHSA-2021:1478
    CVE Reference
    CVE-2021-25215
    CVSS Scores
    Base / Temporal
    Description
    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

    Security Fix(es): bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
    Red Hat Enterprise Linux Server - AUS 7.6 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
    Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
    Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
    Red Hat Enterprise Linux Server - TUS 7.6 x86_64
    Red Hat Enterprise Linux for Power 9 7 ppc64le
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
    Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1478 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1478
  • CVE-2020-28935+
    In Development

    Ubuntu Security Notification for Unbound vulnerabilities (USN-4938-1)

    Severity
    Critical 4
    Qualys ID
    198356
    Vendor Reference
    USN-4938-1
    CVE Reference
    CVE-2020-28935, CVE-2019-25041, CVE-2019-25036, CVE-2019-25039, CVE-2019-25042, CVE-2019-25034, CVE-2019-25032, CVE-2019-25035, CVE-2019-25038, CVE-2019-25040, CVE-2019-25033, CVE-2019-25037, CVE-2019-25031
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Unbound contained multiple security issues
    Consequence
    A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files
    Solution
    Refer to Ubuntu advisory: USN-4938-1 for affected packages and patching details, or update with your package manager.
    Patches
    Ubuntu Linux USN-4938-1
  • CVE-2020-9492
    In Development

    Apache Hadoop Privilege Escalation Vulnerability

    Severity
    Critical 4
    Qualys ID
    375540
    Vendor Reference
    CVE-2020-9492
    CVE Reference
    CVE-2020-9492
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Apache Hadoop is an open-source software framework used for distributed storage and processing of big data sets using the MapReduce programming model.

    CVE-2017-3161: WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. A crafty user can trigger services to send server credentials to a webhdfs path for capturing the service principal.

    Affected Versions:
    Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, 2.0.0-alpha to 2.10.0

    QID Detection Logic:
    This QID matches the versions of vulnerable Apache Hadoop installations by launching a Hadoop version request.

    Consequence
    Successful exploitation could allow privilege escalation.

    Solution
    Customers are advised to upgrade to Apache Hadoop 3.3.0, 3.2.2, 3.1.4, 2.10.1 or later versions to remediate these vulnerabilities.

    Workaround:
    Set different http signature secrets and use dedicated hosts for each privileged impersonation service (such as HiveServer2).

    Patches
    Apache Hadoop
  • CVE-2019-10208+
    In Development

    Red Hat Update for postgresql (RHSA-2021:1512)

    Severity
    Critical 4
    Qualys ID
    239266
    Vendor Reference
    RHSA-2021:1512
    CVE Reference
    CVE-2019-10208, CVE-2020-25694, CVE-2020-25695
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    PostgreSQL is an advanced object-relational database management system (DBMS).

    Security Fix(es):
    postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694)
    postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695)
    postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Enterprise Linux Workstation 7 x86_64
    Red Hat Enterprise Linux Desktop 7 x86_64
    Red Hat Enterprise Linux for IBM z Systems 7 s390x
    Red Hat Enterprise Linux for Power, big endian 7 ppc64
    Red Hat Enterprise Linux for Scientific Computing 7 x86_64
    Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1512 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1512
  • CVE-2020-25678+
    In Development

    Red Hat Update for Red Hat Ceph Storage (RHSA-2021:1452)

    Severity
    Critical 4
    Qualys ID
    239270
    Vendor Reference
    RHSA-2021:1452
    CVE Reference
    CVE-2020-25678, CVE-2021-3139
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. Perf Tools is a collection of performance analysis tools, including a high performance multi-threaded malloc() implementation that works particularly well with threads and STL, a thread-friendly heap-checker, a heap profiler, and a cpu-profiler. The tcmu-runner packages provide a service that handles the complexity of the LIO kernel target's userspace passthrough interface (TCMU). It presents a C plugin API for extension modules that handle SCSI requests in ways not possible or suitable to be handled by LIO's in-kernel backstores.

    Security Fix(es):
    tcmu-runner: SCSI target (LIO) write to any block on ILO backstore (CVE-2021-3139)
    ceph: mgr modules' passwords are in clear text in mgr logs (CVE-2020-25678)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Ceph Storage MON 4 for RHEL 8 x86_64
    Red Hat Ceph Storage MON 4 for RHEL 7 x86_64
    Red Hat Ceph Storage OSD 4 for RHEL 8 x86_64
    Red Hat Ceph Storage OSD 4 for RHEL 7 x86_64
    Red Hat Enterprise Linux for x86_64 8 x86_64
    Red Hat Ceph Storage for Power 4 for RHEL 8 ppc64le
    Red Hat Ceph Storage for Power 4 for RHEL 7 ppc64le
    Red Hat Ceph Storage MON for Power 4 for RHEL 8 ppc64le
    Red Hat Ceph Storage MON for Power 4 for RHEL 7 ppc64le
    Red Hat Ceph Storage OSD for Power 4 for RHEL 8 ppc64le
    Red Hat Ceph Storage OSD for Power 4 for RHEL 7 ppc64le
    Red Hat Ceph Storage for IBM z Systems 4 s390x
    Red Hat Ceph Storage MON for IBM z Systems 4 s390x
    Red Hat Ceph Storage OSD for IBM z Systems 4 s390x

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1452 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1452
  • CVE-2021-0497+
    In Development

    Google Android Devices May 2021 Security Patch Missing

    Severity
    Critical 4
    Qualys ID
    610338
    Vendor Reference
    Android Security Bulletin May2021
    CVE Reference
    CVE-2021-0497, CVE-2021-0496, CVE-2021-0495, CVE-2021-28664, CVE-2021-28663, CVE-2021-0492, CVE-2021-0491, CVE-2021-0490, CVE-2021-1906, CVE-2021-0498, CVE-2021-0494, CVE-2021-0493, CVE-2021-0324, CVE-2021-0475, CVE-2021-0474, CVE-2021-0477, CVE-2021-0476, CVE-2021-0473, CVE-2021-0472, CVE-2021-1910, CVE-2021-0480, CVE-2021-0481, CVE-2021-0482, CVE-2021-0484, CVE-2021-0485, CVE-2021-0487, CVE-2020-29661, CVE-2021-0489, CVE-2020-11288, CVE-2020-11284, CVE-2020-11285, CVE-2021-1915, CVE-2021-1905, CVE-2020-11279, CVE-2021-1891, CVE-2020-11289, CVE-2021-0466, CVE-2021-0467, CVE-2020-11273, CVE-2020-11274, CVE-2021-1927, CVE-2019-2219
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.

    Following security issues were discovered:
    CVE-2021-0497, CVE-2021-0496, CVE-2021-0495, CVE-2021-28664, CVE-2021-28663, CVE-2021-0492, CVE-2021-0491, CVE-2021-0490, CVE-2021-1906, CVE-2021-0498, CVE-2021-0494, CVE-2021-0493, CVE-2021-0324, CVE-2021-0475, CVE-2021-0474, CVE-2021-0477, CVE-2021-0476, CVE-2021-0473, CVE-2021-0472, CVE-2021-1910, CVE-2021-0480, CVE-2021-0481, CVE-2021-0482, CVE-2021-0484, CVE-2021-0485, CVE-2021-0487, CVE-2020-29661, CVE-2021-0489, CVE-2020-11288, CVE-2020-11284, CVE-2020-11285, CVE-2021-1915, CVE-2021-1905, CVE-2020-11279, CVE-2021-1891, CVE-2020-11289, CVE-2021-0466, CVE-2021-0467, CVE-2020-11273, CVE-2020-11274, CVE-2021-1927, CVE-2019-2219

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Refer to Google advisory Google Android May2021 to address this issue and obtain more information.
    Patches
    Android May 2021
  • CVE-2021-21551
    Under Investigation

    Dell Client Platform Security Update for Insufficient Access Control Vulnerability (DSA-2021-088)

    Severity
    Critical 4
    Qualys ID
    375541
    Vendor Reference
    DSA-2021-088
    CVE Reference
    CVE-2021-21551
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Dell Client Platform is affected by an Insufficient Access Control Vulnerability in the Dell dbutil Driver. The vulnerability exists in the dbutil_2_3.sys driver which is installed on Dell Windows machines.

    Affected Products
    The vulnerable driver dbutil_2_3.sys was delivered to impacted systems in two ways: (1) via affected firmware update utility packages, and (2) via Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags.

    Consequence
    Successful exploitation of the vulnerability will allow escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

    Solution
    Customers are advised to refer to advisory DSA-2021-088 and apply the required patches to remediate the vulnerability.

    Workaround:
    Manually remove the dbutil_2_3.sys driver. Check the following locations for the presence of the file:
    - C:\Users\username\AppData\Local\Temp
    - C:\Windows\Temp

    Patches
    DSA-2021-088
  • CVE-2020-11669+
    In Development

    Red Hat Update for kernel-alt (RHSA-2021:1379)

    Severity
    Critical 4
    Qualys ID
    239271
    Vendor Reference
    RHSA-2021:1379
    CVE Reference
    CVE-2020-11669, CVE-2021-3347, CVE-2021-27364, CVE-2021-27365
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    The kernel-alt packages provide the Linux kernel version 4.x.

    Security Fix(es):
    kernel: Use after free via PI futex state (CVE-2021-3347)
    kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
    kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
    kernel: powerpc: guest can cause DoS on POWER9 KVM hosts (CVE-2020-11669)

    Affected Products:

    Red Hat Enterprise Linux for Power 9 7 ppc64le
    Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1379 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1379
  • CVE-2017-17458
    In Development

    EulerOS Security Update for mercurial (EulerOS-SA-2021-1816)

    Severity
    Urgent 5
    Qualys ID
    670260
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1816
    CVE Reference
    CVE-2017-17458
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for mercurial to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1816
    Patches
    EulerOS-SA-2021-1816
  • CVE-2018-11805+
    In Development

    EulerOS Security Update for spamassassin (EulerOS-SA-2021-1851)

    Severity
    Urgent 5
    Qualys ID
    670224
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1851
    CVE Reference
    CVE-2018-11805, CVE-2020-1946
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for spamassassin to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1851
    Patches
    EulerOS-SA-2021-1851
  • CVE-2020-13936
    In Development

    EulerOS Security Update for velocity (EulerOS-SA-2021-1858)

    Severity
    Urgent 5
    Qualys ID
    670217
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1858
    CVE Reference
    CVE-2020-13936
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Euler has released a security update for velocity to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1858
    Patches
    EulerOS-SA-2021-1858
  • CVE-2018-10876+
    In Development

    EulerOS Security Update for kernel (EulerOS-SA-2021-1808)

    Severity
    Urgent 5
    Qualys ID
    670269
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1808
    CVE Reference
    CVE-2018-10876, CVE-2020-25656, CVE-2020-27777, CVE-2017-13305, CVE-2021-20261, CVE-2019-12614, CVE-2018-13093, CVE-2019-11815, CVE-2021-27363, CVE-2021-27365, CVE-2021-27364, CVE-2018-16276, CVE-2018-14734, CVE-2020-0427, CVE-2020-0466, CVE-2017-18216, CVE-2019-19319, CVE-2017-7482, CVE-2020-0404, CVE-2020-0465, CVE-2018-10902, CVE-2018-10877, CVE-2018-10880, CVE-2018-9383, CVE-2020-25669, CVE-2020-36158, CVE-2021-3178, CVE-2019-6974, CVE-2019-7221, CVE-2020-27815, CVE-2020-35519, CVE-2021-28972, CVE-2018-7492, CVE-2019-11486, CVE-2016-3857, CVE-2017-17741, CVE-2014-7841, CVE-2016-8660, CVE-2018-10322
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Euler has released a security update for kernel to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1808
    Patches
    EulerOS-SA-2021-1808
  • CVE-2015-8868
    In Development

    EulerOS Security Update for compat-poppler022 (EulerOS-SA-2021-1772)

    Severity
    Urgent 5
    Qualys ID
    670304
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1772
    CVE Reference
    CVE-2015-8868
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Euler has released a security update for compat-poppler022 to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1772
    Patches
    EulerOS-SA-2021-1772
  • CVE-2019-2201
    In Development

    EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2021-1810)

    Severity
    Urgent 5
    Qualys ID
    670267
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1810
    CVE Reference
    CVE-2019-2201
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Euler has released a security update for libjpeg-turbo to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1810
    Patches
    EulerOS-SA-2021-1810
  • CVE-2018-11531+
    In Development

    EulerOS Security Update for exiv2 (EulerOS-SA-2021-1782)

    Severity
    Critical 4
    Qualys ID
    670294
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1782
    CVE Reference
    CVE-2018-11531, CVE-2019-17402, CVE-2018-10999, CVE-2018-16336
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for exiv2 to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1782
    Patches
    EulerOS-SA-2021-1782
  • CVE-2019-14809
    In Development

    EulerOS Security Update for golang (EulerOS-SA-2021-1792)

    Severity
    Critical4
    Qualys ID
    670284
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1792
    CVE Reference
    CVE-2019-14809
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for golang to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1792
    Patches
    EulerOS-SA-2021-1792
  • CVE-2020-12658
    In Development

    EulerOS Security Update for gssproxy (EulerOS-SA-2021-1795)

    Severity
    Critical4
    Qualys ID
    670281
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1795
    CVE Reference
    CVE-2020-12658
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for gssproxy to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1795
    Patches
    EulerOS-SA-2021-1795
  • CVE-2021-20176+
    In Development

    EulerOS Security Update for ImageMagick (EulerOS-SA-2021-1802)

    Severity
    Critical4
    Qualys ID
    670275
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1802
    CVE Reference
    CVE-2021-20176, CVE-2019-15140, CVE-2019-16710, CVE-2019-16709, CVE-2019-16708, CVE-2019-16711, CVE-2019-16713, CVE-2017-9501, CVE-2019-19948, CVE-2019-19949, CVE-2019-14981, CVE-2017-13768, CVE-2019-11472, CVE-2019-15139, CVE-2017-11533
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for ImageMagick to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1802
    Patches
    EulerOS-SA-2021-1802
  • CVE-2020-0182+
    In Development

    EulerOS Security Update for libexif (EulerOS-SA-2021-1809)

    Severity
    Critical4
    Qualys ID
    670268
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1809
    CVE Reference
    CVE-2020-0182, CVE-2020-0452
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for libexif to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1809
    Patches
    EulerOS-SA-2021-1809
  • CVE-2020-35524+
    In Development

    EulerOS Security Update for libtiff (EulerOS-SA-2021-1813)

    Severity
    Critical4
    Qualys ID
    670263
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1813
    CVE Reference
    CVE-2020-35524, CVE-2020-35523, CVE-2017-9404, CVE-2017-9117, CVE-2017-5563
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for libtiff to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1813
    Patches
    EulerOS-SA-2021-1813
  • CVE-2018-11574
    In Development

    EulerOS Security Update for ppp (EulerOS-SA-2021-1834)

    Severity
    Critical4
    Qualys ID
    670242
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1834
    CVE Reference
    CVE-2018-11574
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for ppp to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1834
    Patches
    EulerOS-SA-2021-1834
  • CVE-2021-3177+
    In Development

    EulerOS Security Update for python (EulerOS-SA-2021-1835)

    Severity
    Critical4
    Qualys ID
    670241
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1835
    CVE Reference
    CVE-2021-3177, CVE-2021-23336
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for python to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1835
    Patches
    EulerOS-SA-2021-1835
  • CVE-2021-26937
    In Development

    EulerOS Security Update for screen (EulerOS-SA-2021-1848)

    Severity
    Critical4
    Qualys ID
    670227
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1848
    CVE Reference
    CVE-2021-26937
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for screen to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1848
    Patches
    EulerOS-SA-2021-1848
  • CVE-2019-18679+
    In Development

    EulerOS Security Update for squid (EulerOS-SA-2021-1852)

    Severity
    Critical4
    Qualys ID
    670223
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1852
    CVE Reference
    CVE-2019-18679, CVE-2019-18677, CVE-2019-18676, CVE-2020-14058, CVE-2019-12526, CVE-2019-12523, CVE-2020-25097
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for squid to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1852
    Patches
    EulerOS-SA-2021-1852
  • CVE-2021-27135
    In Development

    EulerOS Security Update for xterm (EulerOS-SA-2021-1864)

    Severity
    Critical4
    Qualys ID
    670211
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1864
    CVE Reference
    CVE-2021-27135
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for xterm to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1864
    Patches
    EulerOS-SA-2021-1864
  • CVE-2020-14372+
    In Development

    EulerOS Security Update for grub2 (EulerOS-SA-2021-1794)

    Severity
    Critical4
    Qualys ID
    670282
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1794
    CVE Reference
    CVE-2020-14372, CVE-2020-25647, CVE-2021-20233, CVE-2020-27779, CVE-2021-20225, CVE-2020-25632
    CVSS Scores
    Base 8.2 / Temporal 7.1
    Description
    Euler has released a security update for grub2 to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1794
    Patches
    EulerOS-SA-2021-1794
  • CVE-2018-7418+
    In Development

    EulerOS Security Update for wireshark (EulerOS-SA-2021-1859)

    Severity
    Critical4
    Qualys ID
    670216
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1859
    CVE Reference
    CVE-2018-7418, CVE-2019-10903, CVE-2019-10894, CVE-2019-10901, CVE-2019-10895, CVE-2019-10899, CVE-2018-5336, CVE-2018-14340, CVE-2018-14368, CVE-2018-14341, CVE-2018-16057, CVE-2018-19622, CVE-2018-11362
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Euler has released a security update for wireshark to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1859
    Patches
    EulerOS-SA-2021-1859
  • CVE-2017-10988
    In Development

    EulerOS Security Update for freeradius (EulerOS-SA-2021-1784)

    Severity
    Critical4
    Qualys ID
    670292
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1784
    CVE Reference
    CVE-2017-10988
    CVSS Scores
    Base 7.3 / Temporal 6.4
    Description
    Euler has released a security update for freeradius to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1784
    Patches
    EulerOS-SA-2021-1784
  • CVE-2021-20277
    In Development

    EulerOS Security Update for libldb (EulerOS-SA-2021-1811)

    Severity
    Critical4
    Qualys ID
    670266
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1811
    CVE Reference
    CVE-2021-20277
    CVSS Scores
    Base 7.3 / Temporal 6.4
    Description
    Euler has released a security update for libldb to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1811
    Patches
    EulerOS-SA-2021-1811
  • CVE-2021-3472
    In Development

    EulerOS Security Update for xorg-x11-server (EulerOS-SA-2021-1863)

    Severity
    Critical4
    Qualys ID
    670212
    Date Published
    May 7, 2021
    Vendor Reference
    EulerOS-SA-2021-1863
    CVE Reference
    CVE-2021-3472
    CVSS Scores
    Base 7.3 / Temporal 6.4
    Description
    Euler has released a security update for xorg-x11-server to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP3

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1863
    Patches
    EulerOS-SA-2021-1863
  • In Development

    EOL/Obsolete Software: Puppet Server Prior to 6.15.x Detected

    Severity
    Urgent5
    Qualys ID
    650046
    Vendor Reference
    Puppet Lifecycle
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to orchestration and reporting.

    Puppet Server 5.x (PE 2018.1.Z) has an end-of-life date of January 31, 2021.
    Puppet Server 6.x (2019.8) versions before 6.15 are not supported.

    Affected Versions:
    Puppet Server version before 6.15

    QID Detection Logic (Unauthenticated):
    This QID sends a crafted GET request to check for a vulnerable version of Puppet Server.

    Consequence
    The system is at high risk of being exposed to security vulnerabilities. Because the vendor no longer provides updates, obsolete software is more vulnerable to viruses and other attacks.

    Solution
    Upgrade to the latest version of Puppet Server. Please refer to Puppet Server and Product Support Lifecycle
  • CVE-2020-28007+
    Recently Published

    Debian Security Update for exim4 (DLA 2650-1)(21Nails)

    Severity
    Urgent5
    Qualys ID
    178577
    Date Published
    May 6, 2021
    Vendor Reference
    DLA 2650-1
    CVE Reference
    CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28017, CVE-2020-28019, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022, CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Debian has released a security update for exim4 to fix the vulnerabilities.

    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Refer to Debian LTS Announce DLA 2650-1 to address this issue and obtain further details.
    Patches
    Debian DLA 2650-1
  • CVE-2021-23010
    In Development

    F5 BIG-IP ASM WebSocket vulnerability(K18570111)

    Severity
    Critical4
    Qualys ID
    375530
    Vendor Reference
    K18570111
    CVE Reference
    CVE-2021-23010
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.

    CVE-2021-23010: When the BIG-IP ASM system processes WebSocket requests with JSON payloads using the default JSON content profile in the ASM security policy, the BIG-IP ASM bd process may produce a core file.

    Vulnerable Component: BIG-IP ASM

    Affected Versions:
    16.0.0 - 16.0.1
    15.1.0 - 15.1.1
    14.1.0 - 14.1.3
    13.1.0 - 13.1.3
    12.1.0 - 12.1.5

    QID Detection Logic(Authenticated):
    This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

    Consequence
    When this vulnerability is exploited, the BIG-IP ASM bd process may produce a core file, interrupt traffic processing, and cause a failover event.

    Solution
    The vendor has released any patch, for more information please visit: K18570111

    Patches
    K18570111
  • CVE-2021-1871+
    Recently Published

    SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:1499-1)

    Severity
    Critical4
    Qualys ID
    174986
    Date Published
    May 6, 2021
    Vendor Reference
    SUSE-SU-2021:1499-1
    CVE Reference
    CVE-2021-1871, CVE-2021-1789, CVE-2021-1765, CVE-2020-27918, CVE-2021-1788, CVE-2021-1801, CVE-2021-1870, CVE-2021-1844, CVE-2020-29623, CVE-2021-1799
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This update for webkit2gtk3 fixes the following issues:

    - Update to version 2.32.0 (bsc#1184155):
    * Fix the authentication request port when URL omits the port.
    * Fix iframe scrolling when main frame is scrolled in async scrolling mode.
    * Stop using g_memdup.
    * Show a warning message when overriding signal handler for threading suspension.
    * Fix the build on RISC-V with GCC 11.
    * Fix several crashes and rendering issues.
    * Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871
    - Update in version 2.30.6 (bsc#1184262):
    * Update user agent quirks again for Google Docs and Google Drive.
    * Fix several crashes and rendering issues.
    * Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870.
    - Update _constraints for armv6/armv7 (bsc#1182719)
    - restore NPAPI plugin support which was removed in 2.32.0
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1499-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1499-1
  • CVE-2021-25214+
    Recently Published

    SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1469-1)

    Severity
    Critical4
    Qualys ID
    174977
    Date Published
    May 6, 2021
    Vendor Reference
    SUSE-SU-2021:1469-1
    CVE Reference
    CVE-2021-25214, CVE-2021-25215, CVE-2021-25216
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    This update for bind fixes the following issues:

    - CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR)
    which could have caused named to terminate unexpectedly (bsc#1185345).
    - CVE-2021-25215: Fixed an assertion check which could have failed while
    answering queries for DNAME records that required the DNAME to be
    processed to resolve itself (bsc#1185345).
    - CVE-2021-25216: Fixed an issue where policy negotiation can be targeted
    by a buffer overflow attack (bsc#1185345).
    - MD5 warning message using host, dig, nslookup (bind-utils) with FIPS
    enabled (bsc#1181495).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1469-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1469-1
  • CVE-2021-20270
    In Development

    SUSE Enterprise Linux Security Update for python-Pygments (SUSE-SU-2021:1500-1)

    Severity
    Critical4
    Qualys ID
    174980
    Vendor Reference
    SUSE-SU-2021:1500-1
    CVE Reference
    CVE-2021-20270
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    This update for python-Pygments fixes the following issues:

    - CVE-2021-20270: Fixed an infinite loop in SML lexer which may lead to
    DoS (bsc#1183169)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1500-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1500-1
  • CVE-2021-25214+
    Recently Published

    SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1468-1)

    Severity
    Critical4
    Qualys ID
    174979
    Date Published
    May 6, 2021
    Vendor Reference
    SUSE-SU-2021:1468-1
    CVE Reference
    CVE-2021-25214, CVE-2021-25215
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    This update for bind fixes the following issues:

    - CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR)
    which could have caused named to terminate unexpectedly (bsc#1185345).
    - CVE-2021-25215: Fixed an assertion check which could have failed while
    answering queries for DNAME records that required the DNAME to be
    processed to resolve itself (bsc#1185345).
    - MD5 warning message using host, dig, nslookup (bind-utils) on SLES 12
    SP5 with FIPS enabled (bsc#1181495).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1468-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1468-1
  • CVE-2021-25214+
    In Development

    SUSE Enterprise Linux Security Update for bind (SUSE-SU-2021:1471-1)

    Severity
    Critical4
    Qualys ID
    174978
    Vendor Reference
    SUSE-SU-2021:1471-1
    CVE Reference
    CVE-2021-25214, CVE-2021-25215
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    This update for bind fixes the following issues:

    - CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR)
    which could have caused named to terminate unexpectedly (bsc#1185345).
    - CVE-2021-25215: Fixed an assertion check which could have failed while
    answering queries for DNAME records that required the DNAME to be
    processed to resolve itself (bsc#1185345).
    - make /usr/bin/delv in bind-tools position independent (bsc#1183453).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1471-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1471-1
  • CVE-2021-20288
    In Development

    SUSE Enterprise Linux Security Update for ceph (SUSE-SU-2021:1474-1)

    Severity
    Critical4
    Qualys ID
    174976
    Vendor Reference
    SUSE-SU-2021:1474-1
    CVE Reference
    CVE-2021-20288
    CVSS Scores
    Base 7.2 / Temporal 6.3
    Description
    This update for ceph fixes the following issues:

    - ceph was updated to 15.2.11-83-g8a15f484c2:
    * CVE-2021-20288: Fixed unauthorized global_id reuse (bsc#1183074).
    * disk gets replaced with no rocksdb/wal (bsc#1184231).
    * BlueStore handles huge(>4GB) writes from RocksDB to BlueFS poorly,
    potentially causing data corruption (bsc#1183899).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1474-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1474-1
  • CVE-2020-25678+
    Recently Published

    SUSE Enterprise Linux Security Update for ceph (SUSE-SU-2021:1473-1)

    Severity
    Critical4
    Qualys ID
    174975
    Date Published
    May 6, 2021
    Vendor Reference
    SUSE-SU-2021:1473-1
    CVE Reference
    CVE-2020-25678, CVE-2021-20288, CVE-2020-27839
    CVSS Scores
    Base 7.2 / Temporal 6.3
    Description
    This update for ceph fixes the following issues:

    - ceph was updated to 14.2.20-402-g6aa76c6815:
    * CVE-2021-20288: Fixed unauthorized global_id reuse (bsc#1183074).
    * CVE-2020-25678: Do not add sensitive information in Ceph log files
    (bsc#1178905).
    * CVE-2020-27839: Use secure cookies to store JWT Token (bsc#1179997).
    * mgr/dashboard: prometheus alerting: add some leeway for package
    drops and errors (bsc#1145463)
    * mon: have 'mon stat' output json as well (bsc#1174466)
    * rpm: ceph-mgr-dashboard recommends python3-saml on SUSE (bsc#1177200)
    * mgr/dashboard: Display a warning message in Dashboard when debug
    mode is enabled (bsc#1178235)
    * rgw: cls/user: set from_index for reset stats calls (bsc#1178837)
    * mgr/dashboard: Disable TLS 1.0 and 1.1 (bsc#1178860)
    * bluestore: provide a different name for fallback allocator
    (bsc#1180118)
    * test/run-cli-tests: use cram from github (bsc#1181378)
    * mgr/dashboard: fix "Python2 Cookie module import fails on Python3"
    (bsc#1183487)
    * common: make ms_bind_msgr2 default to 'false' (bsc#1180594)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1473-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1473-1
  • CVE-2021-20254+
    Recently Published

    SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1498-1)

    Severity
    Critical4
    Qualys ID
    174982
    Date Published
    May 6, 2021
    Vendor Reference
    SUSE-SU-2021:1498-1
    CVE Reference
    CVE-2021-20254, CVE-2021-20277, CVE-2020-27840
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    This update for samba fixes the following issues:

    - CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold
    (bsc#1183574).
    - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
    (bsc#1184677).
    - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad
    DNs (bsc#1183572).
    - Avoid free'ing our own pointer in memcache when memcache_trim attempts
    to reduce cache size (bsc#1179156).
    - s3-libads: use dns name to open a ldap session (bsc#1184310).
    - Adjust smbcacls '--propagate-inheritance' feature to align with upstream
    (bsc#1178469).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1498-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1498-1
  • CVE-2021-20254
    Recently Published

    SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1492-1)

    Severity
    Critical4
    Qualys ID
    174981
    Date Published
    May 6, 2021
    Vendor Reference
    SUSE-SU-2021:1492-1
    CVE Reference
    CVE-2021-20254
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    This update for samba fixes the following issues:

    - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
    (bsc#1184677).
    - Avoid free'ing our own pointer in memcache when memcache_trim attempts
    to reduce cache size (bsc#1179156).
    - Adjust smbcacls '--propagate-inheritance' feature to align with upstream
    (bsc#1178469).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1492-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1492-1
  • In Development

    SUSE Enterprise Linux Security Update for permissions (SUSE-SU-2021:1466-1)

    Severity
    Critical4
    Qualys ID
    174974
    Vendor Reference
    SUSE-SU-2021:1466-1
    CVSS Scores
    Base 5.6 / Temporal 4.9
    Description
    This update for permissions fixes the following issues:

    - etc/permissions: remove unnecessary entries (bsc#1182899)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1466-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1466-1
  • CVE-2021-3479+
    In Development

    SUSE Enterprise Linux Security Update for openexr (SUSE-SU-2021:1489-1)

    Severity
    Critical4
    Qualys ID
    174984
    Vendor Reference
    SUSE-SU-2021:1489-1
    CVE Reference
    CVE-2021-3479, CVE-2021-26260, CVE-2021-3477, CVE-2021-20296, CVE-2021-23215
    CVSS Scores
    Base 5.5 / Temporal 4.8
    Description
    This update for openexr fixes the following issues:

    - CVE-2021-23215: Fixed an integer-overflow in
    Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185216).
    - CVE-2021-26260: Fixed an Integer-overflow in
    Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185217).
    - CVE-2021-20296: Fixed a Null Pointer dereference in
    Imf_2_5:hufUncompress (bsc#1184355).
    - CVE-2021-3477: Fixed a Heap-buffer-overflow in
    Imf_2_5::DeepTiledInputFile::readPixelSampleCounts (bsc#1184353).
    - CVE-2021-3479: Fixed an Out-of-memory caused by allocation of a very
    large buffer (bsc#1184354).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1489-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1489-1
  • CVE-2020-0543
    In Development

    SUSE Enterprise Linux Security Update for sca-patterns-sle11 (SUSE-SU-2021:1497-1)

    Severity
    Critical4
    Qualys ID
    174983
    Vendor Reference
    SUSE-SU-2021:1497-1
    CVE Reference
    CVE-2020-0543
    CVSS Scores
    Base 5.5 / Temporal 4.8
    Description
    This update for sca-patterns-sle11 fixes the following issues:

    - New regular patterns (1) for version 1.3.1
    * Special Register Buffer Data Sampling aka CrossTalk (CVE-2020-0543)
    (bsc#1154824)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1497-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1497-1
  • CVE-2020-4682
    In Development

    IBM MQ Remote Code Execution Vulnerability(6408626)

    Severity
    Urgent5
    Qualys ID
    375523
    Vendor Reference
    6408626
    CVE Reference
    CVE-2020-4682
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The IBM MQ Appliance is a hardware product that provides IBM MQ ready installed and ready to use.

    An issue was found within the IBM MQ Java and JMS client libraries that could allow an attacker to execute a remote code execution attack.

    Affected Versions:

    IBM MQ 9.2.0
    IBM MQ 9.1.0
    IBM MQ 9.0.0
    IBM MQ 8.0.0
    IBM MQ 7.5.0
    Operating System: Windows
    It checks for vulnerable IBM MQ/WebSphere MQ versions.
    Operating System: Linux
    The QID executes /opt/mqm/bin/dspmqver -v | grep -A3 '^Name' to see if the system is running a vulnerable version of IBM MQ or not.

    Consequence
    Successful exploitation of this vulnerability could allow an attacker to carry out a remote code execution attack.

    Solution
    The vendor has released a fix to resolve the issue; please refer to 6408626 for more information.

    Patches
    6408626
  • CVE-2021-25215
    In Development

    ISC BIND Assertion Failure Vulnerability

    Severity
    Critical4
    Qualys ID
    15126
    Vendor Reference
    BIND CVE-2021-25215
    CVE Reference
    CVE-2021-25215
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    ISC BIND (Berkeley Internet Domain Name) is an implementation of DNS protocols.

    Affected software:
    BIND 9.0.0 -> 9.11.29
    BIND 9.12.0 -> 9.16.13
    BIND 9.9.3-S1 -> 9.11.29-S1
    BIND 9.16.8-S1 -> 9.16.13-S1
    BIND 9.17.0 -> 9.17.11

    Patched Versions:
    BIND 9.11.31
    BIND 9.16.15
    BIND 9.17.12
    BIND 9.11.31-S1
    BIND 9.16.15-S1

    QID Detection Logic:
    This unauthenticated check detects vulnerable systems by fetching the version information from the BIND service.

    Consequence
    Successful exploitation could affect integrity, availability, and confidentiality.

    Solution
    Customers are advised to upgrade to the patched version 9.11.31, 9.16.15, 9.17.12, 9.11.31-S1, 9.16.15-S1 or latest release of ISC BIND.
    Patches
    BIND CVE-2021-25215
  • CVE-2021-25216
    In Development

    ISC BIND Buffer Overflow Vulnerability

    Severity
    Critical4
    Qualys ID
    15124
    Vendor Reference
    BIND CVE-2021-25216
    CVE Reference
    CVE-2021-25216
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    ISC BIND (Berkeley Internet Domain Name) is an implementation of DNS protocols.

    CVE-2021-25216: A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack.

    Affected software:
    BIND 9.5.0 -> 9.11.29
    BIND 9.12.0 -> 9.16.13
    BIND 9.11.3-S1 -> 9.11.29-S1
    BIND 9.16.8-S1 -> 9.16.13-S1
    BIND 9.17.0 -> 9.17.1

    Patched Versions:
    BIND 9.11.31
    BIND 9.16.15
    BIND 9.11.31-S1
    BIND 9.16.15-S1

    QID Detection Logic:
    This unauthenticated check detects vulnerable systems by fetching the version information from the BIND service.

    Consequence
    Successful exploitation could affect integrity, availability, and confidentiality.

    Solution
    Customers are advised to upgrade to the patched version 9.11.31, 9.16.15, 9.11.31-S1, 9.16.15-S1 or latest release of ISC BIND.

    Workaround:
    This vulnerability only affects servers configured to use GSS-TSIG, most often to sign dynamic updates. If another mechanism can be used to authenticate updates, the vulnerability can be avoided by choosing not to enable the use of GSS-TSIG features. Prior to the April 2021 BIND releases, on some platforms it was possible to build a working BIND installation that was not vulnerable to CVE-2021-25216 by providing the --disable-isc-spnego command-line argument when running the ./configure script in the top level of the BIND source directory, before compiling and linking named. After the April 2021 BIND releases, all supported branches have removed isc-spnego support. This corrects CVE-2021-25216, but requires that the system have other libraries and header files to support GSS-TSIG functionality, unless such functionality is completely disabled at build time by providing the --without-gssapi argument to the ./configure script when selecting build options.
    Patches
    BIND CVE-2021-25216
  • CVE-2021-29468
    Recently Published

    Cygwin Git Package Remote Code Execution

    Severity
    Critical4
    Qualys ID
    375525
    Date Published
    May 6, 2021
    Vendor Reference
    CVE-2021-29468
    CVE Reference
    CVE-2021-29468
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Cygwin is a Linux-style operating environment for Microsoft Windows.

    The Cygwin git package is affected by a flaw that can execute arbitrary code as soon as the repository is checked out.

    Affected Versions:
    Cygwin git package version prior to 2.31.1-2

    QID Detection Logic (authenticated):
    The QID flags if it finds a vulnerable version of the git package in installed file. The location of the file is determined by the key "HKLM\SOFTWARE\Cygwin\setup", value "rootdir". The file is present in the <rootdir>\etc\setup folder.

    Consequence
    Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code as soon as the repository is checked out.

    Solution
    Upgrade the Cygwin git package to version 2.31.1-2 or later. For more information, please refer to the vendor advisory for affected Cygwin

    Patches
    Windows Cygwin Git
  • CVE-2021-20230
    In Development

    SUSE Enterprise Linux Security Update for stunnel (SUSE-SU-2021:1465-1)

    Severity
    Critical4
    Qualys ID
    174973
    Vendor Reference
    SUSE-SU-2021:1465-1
    CVE Reference
    CVE-2021-20230
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    This update for stunnel fixes the following issues:

    - Security fix: [bsc#1177580, bsc#1182529, CVE-2021-20230]
    * "redirect" option does not properly handle "verifyChain = yes"
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1465-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1465-1
  • CVE-2021-22206+
    Recently Published

    GitLab Multiple Security Vulnerabilities(gitlab- 13-11-2, 13-10-4, 13-9-7)

    Severity
    Critical4
    Qualys ID
    375522
    Date Published
    May 6, 2021
    Vendor Reference
    Gitlab
    CVE Reference
    CVE-2021-22206, CVE-2021-22208, CVE-2021-22209, CVE-2021-22210, CVE-2021-22211
    CVSS Scores
    Base 9.4 / Temporal 8.2
    Description
    GitLab, the software, is a web-based Git repository manager with wiki and issue tracking features.

    All versions starting with 13.8: Read API scoped tokens can execute mutations
    All versions starting with 11.6: Pull mirror credentials were exposed
    All versions starting with 13.2: Denial of Service when querying repository branches API
    All versions prior to 13.5: Non-owners can set system_note_timestamp when creating / updating issues
    All versions starting from 13.7: DeployToken will impersonate a User with the same ID when using Dependency Proxy

    Affected Versions:
    All versions starting with 13.8
    All versions starting with 11.6
    All versions starting with 13.2
    All versions prior to 13.5
    All versions of Gitlab EE/CE starting with 13.7

    QID Detection Logic (Authenticated):
    It runs the gitlab-rake gitlab:env:info command to check for a vulnerable version of GitLab.

    Consequence
    Successful exploitation of these vulnerabilities allows sensitive data leaks or DoS.
    Solution
    The vendor has released a patch. For more information, please visit gitlab-13-11-2
    Patches
    GitLab Security Release
  • CVE-2020-15078
    Recently Published

    OpenVpn 2.5.1 and earlier Authentication Bypass (excluding 2.4.11)

    Severity
    Critical4
    Qualys ID
    375518
    Date Published
    May 6, 2021
    Vendor Reference
    OpenVpn
    CVE Reference
    CVE-2020-15078
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    OpenVPN is an OpenSSL based tunneling application to securely tunnel IP networks over the TCP and UDP protocols.

    The vulnerability allows a remote attacker to bypass authentication.

    Affected Versions:
    OpenVPN 2.5.1 and earlier (except 2.4.11)

    Consequence
    Successful exploitation of this vulnerability allows a remote attacker to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
    Solution
    Users are advised to upgrade to the latest version of the software available. The latest version of the software can be downloaded from OpenVPN
    Patches
    Windows OpenVpn
  • CVE-2021-23358
    Recently Published

    Ubuntu Security Notification for Underscore vulnerability (USN-4913-2)

    Severity
    Critical4
    Qualys ID
    198346
    Date Published
    May 6, 2021
    Vendor Reference
    USN-4913-2
    CVE Reference
    CVE-2021-23358
    CVSS Scores
    Base 7.2 / Temporal 6.3
    Description
    Underscore incorrectly handled certain inputs
    Consequence
    An attacker could possibly use this issue to inject arbitrary code
    Solution
    Refer to Ubuntu advisory: USN-4913-2 for affected packages and patching details, or update with your package manager.
    Patches
    Ubuntu Linux USN-4913-2
  • CVE-2020-25671+
    Recently Published

    Amazon Linux Security Advisory for kernel: ALAS2-2021-1627

    Severity
    Critical4
    Qualys ID
    352274
    Date Published
    May 6, 2021
    Vendor Reference
    ALAS-2021-1627
    CVE Reference
    CVE-2020-25671, CVE-2019-19060, CVE-2019-7308, CVE-2020-25670, CVE-2020-25672, CVE-2020-27171, CVE-2021-28660, CVE-2021-28688, CVE-2021-28964, CVE-2021-28972, CVE-2021-29154, CVE-2021-29265, CVE-2021-29647, CVE-2021-3483
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. (CVE-2019-19060)
    A bypass was found for the Spectre v1 hardening in the eBPF engine of the Linux kernel. The code in kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. (CVE-2019-7308)
    A vulnerability was found in the Linux kernel where a refcount leak in llcp_sock_bind() causes a use-after-free, which might lead to privilege escalation. (CVE-2020-25670)
    A vulnerability was found in the Linux kernel where a refcount leak in llcp_sock_connect() causes a use-after-free, which might lead to privilege escalation. (CVE-2020-25671)
    A memory leak vulnerability was found in the Linux kernel in llcp_sock_connect. (CVE-2020-25672)
    A flaw was found in the Linux kernel's eBPF verification code. By default, the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A flaw that triggers an integer underflow when restricting speculative pointer arithmetic allows unprivileged local users to leak the content of kernel memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2020-27171)
    A flaw was found in the Linux kernel. The rtw_wx_set_scan driver allows writing beyond the end of the ->ssid[] array. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-28660)
    The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11. (CVE-2021-28688)
    A race condition flaw was found in get_old_root in fs/btrfs/ctree.c in the Linux kernel in the btrfs file system. This flaw allows a local attacker with a special user privilege to cause a denial of service due to not locking an extent buffer before a cloning operation. The highest threat from this vulnerability is to system availability. (CVE-2021-28964)
    A flaw was found in the Linux kernel's implementation of the RPA PCI Hotplug driver for power-pc. A user with permissions to write to the sysfs settings for this driver can trigger a buffer overflow when writing a new device name to the driver from userspace, overwriting data in the kernel's stack. (CVE-2021-28972)
    A flaw was found in the Linux kernel's eBPF implementation. By default, accessing the eBPF ve
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory: ALAS-2021-1627 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 ALAS-2021-1627
  • CVE-2018-14670
    Recently Published

    ClickHouse Incorrect Configuration Vulnerability

    Severity
    Critical4
    Qualys ID
    375498
    Date Published
    May 6, 2021
    Vendor Reference
    ClickHouse 1.1.54131
    CVE Reference
    CVE-2018-14670
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    ClickHouse is an open-source column-oriented DBMS for online analytical processing.

    ClickHouse is vulnerable to multiple vulnerabilities

    Affected Versions:
    Prior to ClickHouse version 1.1.54131

    QID Detection Logic:
    This QID uses the clickhouse-client command to get the version from the Linux system.

    Consequence
    Incorrect configuration in deb package could lead to the unauthorized use of the database.

    Solution
    Please refer to advisory clickhouse release 1.1.54131
    Patches
    ClickHouse Release 1.1.54131
  • CVE-2020-35189
    Recently Published

    Kong Docker Image Weak Authentication Vulnerability

    Severity
    Urgent5
    Qualys ID
    730047
    Date Published
    May 6, 2021
    Vendor Reference
    Kong Docker
    CVE Reference
    CVE-2020-35189
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Kong is a scalable, open source API Platform (also known as an API Gateway or API Middleware).

    Affected Versions:

    Kong docker images before 1.0.2-alpine (Alpine specific)

    QID Detection Logic:
    This QID checks for the vulnerable version of Kong Docker.

    Consequence
    Systems using the Kong Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password.

    Solution
    Upgrade to Kong Docker 1.0.2 or to the latest version of Kong Docker. Please refer to the Kong Docker website.

    Patches
    Kong Docker
  • CVE-2021-30666+
    Recently Published

    Apple iOS 12.5.3 Security Update Missing (HT212341)

    Severity
    Urgent5
    Qualys ID
    610336
    Date Published
    May 5, 2021
    Vendor Reference
    HT212341
    CVE Reference
    CVE-2021-30666, CVE-2021-30665, CVE-2021-30663, CVE-2021-30661
    CVSS Scores
    Base / Temporal
    Description
    iOS is a mobile operating system created and developed by Apple Inc.

    The following security issues are observed:
    A buffer overflow issue was addressed with improved memory handling. CVE-2021-30666
    A memory corruption issue was addressed with improved state management. CVE-2021-30665
    An integer overflow was addressed with improved input validation. CVE-2021-30663
    A use after free issue was addressed with improved memory management. CVE-2021-30661

    Affected Devices
    iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Refer to Apple advisory HT212341 for patching details.
    Patches
    iOS HT212341
  • CVE-2021-30665+
    Recently Published

    Apple iOS 14.5.1 and iPadOS 14.5.1 Security Update Missing (HT212336)

    Severity
    Urgent5
    Qualys ID
    610335
    Date Published
    May 5, 2021
    Vendor Reference
    HT212336
    CVE Reference
    CVE-2021-30665, CVE-2021-30663
    CVSS Scores
    Base / Temporal
    Description
    iOS is a mobile operating system created and developed by Apple Inc.

    The following security issues are observed:
    A memory corruption issue was addressed with improved state management. CVE-2021-30665
    An integer overflow was addressed with improved input validation. CVE-2021-30663

    Affected Devices
    iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Refer to Apple advisory HT212336 for patching details.
    Patches
    iOS HT212336
  • CVE-2020-28007+
    Recently Published

    Ubuntu Security Notification for Exim4 Vulnerabilities (USN-4934-1) (21Nails)

    Severity
    Urgent5
  • CVE-2020-28007+
    Recently Published

    Debian Security Update for exim4 (DSA 4912-1) (21Nails)

    Severity
    Urgent5
    Qualys ID
    178576
    Date Published
    May 5, 2021
    Vendor Reference
    DSA 4912-1
    CVE Reference
    CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28010, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28017, CVE-2020-28019, CVE-2020-28021, CVE-2020-28022, CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Debian has released a security update for exim4 to fix the vulnerabilities.

    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4912-1 to address this issue and obtain further details.
    Patches
    Debian DSA 4912-1
  • CVE-2020-13942
    Recently Published

    Apache Unomi Remote Code Execution Vulnerability

    Severity
    Critical4
    Qualys ID
    730069
    Date Published
    May 5, 2021
    Vendor Reference
    CVE-2020-13942
    CVE Reference
    CVE-2020-13942
    CVSS Scores
    Base 9.8 / Temporal 8.8
    Description
    Apache Unomi is a REST server that manages user-profiles and events related to the profiles.

    Apache Unomi allowed remote attackers to send malicious requests with MVEL and OGNL expressions that could contain arbitrary classes, resulting in Remote Code Execution (RCE) with the privileges of the Unomi application.

    Affected Versions:
    This vulnerability affects all versions of Apache Unomi prior to 1.5.2

    QID Detection Logic (Authenticated):
    This QID sends HTTP POST payloads to URL "/context.json".

    Consequence
    Successful exploitation of this issue may allow an attacker to execute code.
    Solution

    Refer to CVE-2020-13942: Remote Code Execution in Apache Unomi for more information about patching this vulnerability.

    Patches
    CVE-2020-13942
  • CVE-2021-21227+
    Recently Published

    Microsoft Edge Based On Chromium Prior to 90.0.818.51 Multiple Vulnerabilities

    Severity
    Critical4
    Qualys ID
    375526
    Date Published
    May 5, 2021
    Vendor Reference
    CVE-2021-21227, CVE-2021-21228, CVE-2021-21229, CVE-2021-21230, CVE-2021-21231, CVE-2021-21232, CVE-2021-21233
    CVE Reference
    CVE-2021-21227, CVE-2021-21228, CVE-2021-21229, CVE-2021-21230, CVE-2021-21231, CVE-2021-21232, CVE-2021-21233
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Microsoft Edge is a cross-platform web browser developed by Microsoft.

    Microsoft Edge based on Chromium is affected by the following vulnerabilities:
    CVE-2021-21227: Insufficient data validation in V8.
    CVE-2021-21228: Insufficient policy enforcement in extensions.
    CVE-2021-21229: Incorrect security UI in downloads.
    CVE-2021-21230: Type Confusion in V8.
    CVE-2021-21231: Insufficient data validation in V8.
    CVE-2021-21232: Use after free in Dev Tools.
    CVE-2021-21233: Heap buffer overflow in ANGLE.
    QID Detection Logic (authenticated):
    Operating System: Windows
    The install path is checked via registry "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command". The version is checked via file msedge.exe.

    Consequence
    Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary code on target system.

    Solution
    Customers are advised to upgrade to version 90.0.818.51 or later.
    For further details, refer to the reference listed under Patches.
    Patches
    CVE-2021-21227
  • CVE-2020-13558+
    Recently Published

    Gentoo Linux WebkitGTK+ Multiple Vulnerabilities (GLSA 202104-03)

    Severity
    Critical4
    Qualys ID
    710013
    Date Published
    May 5, 2021
    Vendor Reference
    GLSA 202104-03
    CVE Reference
    CVE-2020-13558, CVE-2020-27918, CVE-2020-29623, CVE-2020-9947, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Gentoo Linux is a Linux distribution

    Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code.

    Affected Package: net-libs/webkit-gtk

    Affected version: Prior to 2.30.6

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information or to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit 202104-03
    Patches
    202104-03
  • CVE-2018-16875+
    In Development

    SUSE Enterprise Linux Security Update for containerd, docker, runc (SUSE-SU-2021:1458-1)

    Severity
    Critical4
    Qualys ID
    174971
    Vendor Reference
    SUSE-SU-2021:1458-1
    CVE Reference
    CVE-2018-16875, CVE-2021-21285, CVE-2021-21334, CVE-2019-16884, CVE-2019-5736, CVE-2021-21284, CVE-2018-16873, CVE-2018-16874, CVE-2019-19921
    CVSS Scores
    Base 8.6 / Temporal 7.5
    Description
    This update for containerd, docker, runc fixes the following issues:

    - Docker was updated to 20.10.6-ce
    * Switch version to use -ce suffix rather than _ce to avoid confusing
    other tools (bsc#1182476).
    * CVE-2021-21284: Fixed a potential privilege escalation when the root
    user in the remapped namespace has access to the host filesystem
    (bsc#1181732)
    * CVE-2021-21285: Fixed an issue where pulling a malformed Docker image
    manifest crashes the dockerd daemon (bsc#1181730).

    - runc was updated to v1.0.0~rc93 (bsc#1182451 and bsc#1184962).
    * Use the upstream runc package (bsc#1181641, bsc#1181677, bsc#1175821).
    * Fixed /dev/null is not available (bsc#1168481).
    * Fixed an issue where podman hangs when spawned by salt-minion process
    (bsc#1149954).
    * CVE-2019-19921: Fixed a race condition with shared mounts
    (bsc#1160452).
    * CVE-2019-16884: Fixed an LSM bypass via malicious Docker image that
    mount over a /proc directory (bsc#1152308).
    * CVE-2019-5736: Fixed potential write attacks to the host runc binary
    (bsc#1121967).
    * Fixed an issue where after a kernel-update docker doesn't run
    (bsc#1131314 bsc#1131553)
    * Ensure that we always include the version information in runc
    (bsc#1053532).

    - Switch to Go 1.13 for build.
    * CVE-2018-16873: Fixed a potential remote code execution (bsc#1118897).
    * CVE-2018-16874: Fixed a directory traversal in "go get" via curly
    braces in import paths (bsc#1118898).
    * CVE-2018-16875: Fixed a CPU denial of service (bsc#1118899).
    * Fixed an issue with building containers (bsc#1095817).

    - containerd was updated to v1.4.4
    * CVE-2021-21334: Fixed a potential information leak through environment
    variables (bsc#1183397).
    * Handle a requirement from docker (bsc#1181594).
    * Install the containerd-shim* binaries and stop creating (bsc#1183024).
    * update version to the one required by docker (bsc#1034053)

    - Use -buildmode=pie for tests and binary build (bsc#1048046, bsc#1051429)
    - Cleanup seccomp builds similar (bsc#1028638).
    - Update to handle the docker-runc removal, and drop the -kubic flavour
    (bsc#1181677, bsc#1181749)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1458-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1458-1
  • CVE-2020-10713+
    Recently Published

    Gentoo Linux GRUB Multiple Vulnerabilities (GLSA 202104-05)

    Severity
    Critical4
    Qualys ID
    710015
    Date Published
    May 5, 2021
    Vendor Reference
    GLSA 202104-05
    CVE Reference
    CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-14372, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
    CVSS Scores
    Base 8.2 / Temporal 7.1
    Description
    Gentoo Linux is a Linux distribution

    Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot.

    Affected Package: sys-devel/grub

    Affected version: Prior to 2.06_rc1

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information or to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit 202104-05
    Patches
    202104-05
  • CVE-2021-3472
    Recently Published

    Gentoo Linux X.Org X Server Privilege Escalation Vulnerability (GLSA 202104-02)

    Severity
    Critical4
    Qualys ID
    710012
    Date Published
    May 5, 2021
    Vendor Reference
    GLSA 202104-02
    CVE Reference
    CVE-2021-3472
    CVSS Scores
    Base 7.3 / Temporal 6.4
    Description
    Gentoo Linux is a Linux distribution

    A vulnerability in X.Org X Server may allow users to escalate privileges.

    Affected Package: x11-base/xorg-server

    Affected version: Prior to 1.20.11

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information or to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit 202104-02
    Patches
    202104-02
  • CVE-2021-25317
    In Development

    SUSE Enterprise Linux Security Update for cups (SUSE-SU-2021:1454-1)

    Severity
    Critical4
    Qualys ID
    174969
    Vendor Reference
    SUSE-SU-2021:1454-1
    CVE Reference
    CVE-2021-25317
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    This update for cups fixes the following issues:

    - CVE-2021-25317: ownership of /var/log/cups could allow privilege
    escalation from lp user to root via symlink attacks (bsc#1184161)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1454-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1454-1
  • CVE-2021-1835+
    Recently Published

    Apple iOS 14.5 and iPadOS 14.5 Security Update Missing (HT212317)

    Severity
    Urgent5
    Qualys ID
    610334
    Date Published
    May 5, 2021
    Vendor Reference
    HT212317
    CVE Reference
    CVE-2021-1835, CVE-2021-1837, CVE-2021-1867, CVE-2021-1849, CVE-2021-1836, CVE-2021-1808, CVE-2021-1857, CVE-2021-1846, CVE-2021-1809, CVE-2021-30659, CVE-2021-1811, CVE-2021-1872, CVE-2021-1881, CVE-2021-1882, CVE-2021-1813, CVE-2021-30656, CVE-2021-1883, CVE-2021-1884, CVE-2021-1885, CVE-2021-30653, CVE-2021-1843, CVE-2021-1858, CVE-2021-1864, CVE-2021-1877, CVE-2021-1852, CVE-2021-1830, CVE-2021-1874, CVE-2021-1851, CVE-2021-1860, CVE-2021-1816, CVE-2021-1832, CVE-2021-30660, CVE-2021-30652, CVE-2021-1875, CVE-2021-1822, CVE-2021-1865, CVE-2021-1815, CVE-2021-1739, CVE-2021-1740, CVE-2021-1807, CVE-2021-1831, CVE-2021-1868, CVE-2021-1854, CVE-2021-1848, CVE-2021-1825, CVE-2021-1817, CVE-2021-1826, CVE-2021-1820, CVE-2021-30661, CVE-2020-7463
    CVSS Scores
    Base 5.5 / Temporal 4.8
    Description
    iOS is a mobile operating system created and developed by Apple Inc.

    The following security issues are observed:
    This issue was addressed with improved checks. CVE-2021-1835
    A certificate validation issue was addressed. CVE-2021-1837
    An out-of-bounds read was addressed with improved input validation. CVE-2021-1867
    An issue in code signature validation was addressed with improved checks. CVE-2021-1849
    A logic issue was addressed with improved restrictions. CVE-2021-1836
    A memory corruption issue was addressed with improved validation. CVE-2021-1808
    A memory initialization issue was addressed with improved memory handling. CVE-2021-1857
    An out-of-bounds read was addressed with improved input validation. CVE-2021-1846
    A memory corruption issue was addressed with improved validation. CVE-2021-1809
    A validation issue was addressed with improved logic. CVE-2021-30659
    A logic issue was addressed with improved state management. CVE-2021-1811
    A logic issue was addressed with improved state management. CVE-2021-1872
    An out-of-bounds read was addressed with improved input validation. CVE-2021-1881
    A memory corruption issue was addressed with improved validation. CVE-2021-1882
    A validation issue was addressed with improved logic. CVE-2021-1813
    An access issue was addressed with improved memory management. CVE-2021-30656
    This issue was addressed with improved checks. CVE-2021-1883
    A race condition was addressed with improved locking. CVE-2021-1884
    An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1885
    This issue was addressed with improved checks. CVE-2021-30653
    An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1858
    A use after free issue was addressed with improved memory management. CVE-2021-1864
    An out-of-bounds read was addressed with improved input validation. CVE-2021-1877
    A logic issue was addressed with improved state management. CVE-2021-1874
    A memory initialization issue was addressed with improved memory handling. CVE-2021-1860
    A buffer overflow was addressed with improved bounds checking. CVE-2021-1816
    The issue was addressed with improved permissions logic. CVE-2021-1832
    An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30660
    A race condition was addressed with additional validation. CVE-2021-30652
    A double free issue was addressed with improved memory management. CVE-2021-1875
    A logic issue was addressed with improved restrictions. CVE-2021-1822
    An issue obscuring passwords in screenshots was addressed with improved logic. CVE-2021-1865
    A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2021-1815
    A validation issue was addressed with improved input sanitization. CVE-2021-1807
    The issue was addressed with improved permissions logic. CVE-2021-1831
    A logic issue was addressed with improved state management. CVE-2021-1868
    A call termination issue was addressed with improved logic. CVE-2021-1854
    The issue was addressed with improved UI handling. CVE-2021-1848
    An input validation issue was addressed with improved input validation. CVE-2021-1825
    A memory corruption issue was addressed with improved state management. CVE-2021-1817
    A logic issue was addressed with improved restrictions. CVE-2021-1826
    A memory initialization issue was addressed with improved memory handling. CVE-2021-1820
    A use after free issue was addressed with improved memory management. CVE-2021-30661
    A use after free issue was addressed with improved memory management. CVE-2020-7463

    Affected Devices
    iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Refer to Apple advisory HT212317 for patching details.
    Patches
    iOS HT212317
  • Recently Published

    Debian Security Update for python-apt (DLA 2488-2)

    Severity
    Critical4
    Qualys ID
    178548
    Date Published
    May 5, 2021
    Vendor Reference
    DLA 2488-2
    CVSS Scores
    Base 4.3 / Temporal 3.8
    Description
    Debian has released a security update for python-apt to fix the vulnerabilities.
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Refer to Debian security advisory DLA 2488-2 for patching details.
    Patches
    Debian DLA 2488-2
  • CVE-2021-21344+
    Recently Published

    CentOS Security Update for xstream (CESA-2021:1354)

    Severity
    Critical4
    Qualys ID
    257081
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:1354 centos 7
    CVE Reference
    CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21350
    CVSS Scores
    Base 9.9 / Temporal 8.6
    Description
    CentOS has released a security update for xstream to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information and to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:1354
  • CVE-2021-27135
    Recently Published

    CentOS Security Update for xterm (CESA-2021:0617)

    Severity
    Critical4
    Qualys ID
    257083
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:0617 centos 7
    CVE Reference
    CVE-2021-27135
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    CentOS has released a security update for xterm to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information and to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:0617
  • CVE-2021-26937
    Recently Published

    CentOS Security Update for screen (CESA-2021:0742)

    Severity
    Critical4
    Qualys ID
    257075
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:0742 centos 7
    CVE Reference
    CVE-2021-26937
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    CentOS has released a security update for screen to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information and to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:0742
  • CVE-2020-25097
    Recently Published

    CentOS Security Update for squid (CESA-2021:1135)

    Severity
    Critical4
    Qualys ID
    257077
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:1135 centos 7
    CVE Reference
    CVE-2020-25097
    CVSS Scores
    Base 8.6 / Temporal 7.5
    Description
    CentOS has released a security update for squid to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:1135
  • CVE-2021-20305
    Recently Published

    CentOS Security Update for nettle (CESA-2021:1145)

    Severity
    Critical4
    Qualys ID
    257076
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:1145 centos 7
    CVE Reference
    CVE-2021-20305
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    CentOS has released a security update for nettle to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information and to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:1145
  • CVE-2021-20208+
    Recently Published

    SUSE Enterprise Linux Security Update for cifs-utils (SUSE-SU-2021:1455-1)

    Severity
    Critical4
    Qualys ID
    174970
    Date Published
    May 4, 2021
    Vendor Reference
    SUSE-SU-2021:1455-1
    CVE Reference
    CVE-2021-20208, CVE-2020-14342
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    This update for cifs-utils fixes the following security issues:

    - CVE-2021-20208: Fixed a potential kerberos auth leak escaping from
    container. (bsc#1183239)
    - CVE-2020-14342: Fixed a shell command injection vulnerability in
    mount.cifs. (bsc#1174477)

    This update for cifs-utils fixes the following issues:

    - Solve invalid directory mounting. When attempting to change the current
    working directory into non-existing directories, mount.cifs crashes.
    (bsc#1152930)

    - Fixed a bug where it was no longer possible to mount CIFS filesystem
    after the last maintenance update. (bsc#1184815)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1455-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1455-1
  • CVE-2021-25317
    Recently Published

    SUSE Enterprise Linux Security Update for cups (SUSE-SU-2021:1453-1)

    Severity
    Critical4
    Qualys ID
    174968
    Date Published
    May 4, 2021
    Vendor Reference
    SUSE-SU-2021:1453-1
    CVE Reference
    CVE-2021-25317
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    This update for cups fixes the following issues:

    - CVE-2021-25317: ownership of /var/log/cups could allow privilege
    escalation from lp user to root via symlink attacks (bsc#1184161)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1453-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1453-1
  • CVE-2021-3308+
    Recently Published

    SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:1460-1)

    Severity
    Critical4
    Qualys ID
    174972
    Date Published
    May 4, 2021
    Vendor Reference
    SUSE-SU-2021:1460-1
    CVE Reference
    CVE-2021-3308, CVE-2020-28368, CVE-2021-28687
    CVSS Scores
    Base 5.5 / Temporal 4.8
    Description
    This update for xen fixes the following issues:

    - CVE-2020-28368: Intel RAPL sidechannel attack aka PLATYPUS attack
    (bsc#1178591, XSA-351)
    - CVE-2021-3308: IRQ vector leak on x86 (bsc#1181254, XSA-360)
    - CVE-2021-28687: HVM soft-reset crashes toolstack (bsc#1183072, XSA-368)
    - L3: conring size for XEN HV's with huge memory too small (bsc#1177204).
    - kdump of HVM fails, soft-reset not handled by libxl (bsc#1179148)
    - openQA job causes libvirtd to dump core when running kdump inside domain
    (bsc#1181989).
    - Upstream bug fixes (bsc#1027519)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1460-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1460-1
  • CVE-2021-2163
    Recently Published

    CentOS Security Update for java-1.8.0-openjdk (CESA-2021:1298)

    Severity
    Critical4
    Qualys ID
    257080
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:1298 centos 7
    CVE Reference
    CVE-2021-2163
    CVSS Scores
    Base 5.3 / Temporal 4.6
    Description
    CentOS has released a security update for java-1.8.0-openjdk to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information and to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:1298
  • CVE-2021-2163
    Recently Published

    CentOS Security Update for java-11-openjdk (CESA-2021:1297)

    Severity
    Critical4
    Qualys ID
    257079
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:1297 centos 7
    CVE Reference
    CVE-2021-2163
    CVSS Scores
    Base 5.3 / Temporal 4.6
    Description
    CentOS has released a security update for java-11-openjdk to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information and to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:1297
  • CVE-2021-25215
    Recently Published

    CentOS Security Update for bind (CESA-2021:1469)

    Severity
    Critical4
    Qualys ID
    257082
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:1469 centos 7
    CVE Reference
    CVE-2021-25215
    CVSS Scores
    Base 5 / Temporal 4.4
    Description
    CentOS has released a security update for bind to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information and to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:1469
  • CVE-2021-23991+
    Recently Published

    CentOS Security Update for thunderbird (CESA-2021:1192)

    Severity
    Critical4
    Qualys ID
    257078
    Date Published
    May 4, 2021
    Vendor Reference
    CESA-2021:1192 centos 7
    CVE Reference
    CVE-2021-23991, CVE-2021-23992, CVE-2021-23993, CVE-2021-29949, CVE-2021-29950
    CVSS Scores
    Base 5 / Temporal 4.4
    Description
    CentOS has released a security update for thunderbird to fix the vulnerabilities.

    Affected Products:

    centos 7

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information and to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.
    Patches
    centos 7 CESA-2021:1192
  • CVE-2020-28007+
    Recently Published

    Exim Mail Server Multiple Vulnerabilities (21Nails)(Generic)

    Severity
    Urgent5
    Qualys ID
    50110
    Date Published
    May 4, 2021
    Vendor Reference
    Exim 21Nails Multiple vulnerabilities
    CVE Reference
    CVE-2020-28007, CVE-2020-28008, CVE-2020-28014, CVE-2021-27216, CVE-2020-28011, CVE-2020-28010, CVE-2020-28013, CVE-2020-28016, CVE-2020-28015, CVE-2020-28012, CVE-2020-28009, CVE-2020-28017, CVE-2020-28020, CVE-2020-28023, CVE-2020-28021, CVE-2020-28022, CVE-2020-28026, CVE-2020-28019, CVE-2020-28024, CVE-2020-28018, CVE-2020-28025
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    Exim is a mail transfer agent (MTA) used on Unix-like operating systems. Exim is free software and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.

    The Qualys Research Team has discovered 21 vulnerabilities (11 local vulnerabilities and 10 remote vulnerabilities) that affect the Exim mail server. The set has been given the name 21Nails. The bugs can be leveraged to elevate privileges to root and execute code remotely, among other attacks.

    Affected Versions:
    Exim versions prior to 4.94.2

    QID Detection Logic (Unauthenticated):
    The QID checks the SMTP banner for vulnerable versions of Exim.

    QID Detection Logic (Authenticated):
    The QID checks for vulnerable versions of Exim by running the command "exim --version".

    Consequence
    Successful exploitation will allow remote code execution, privilege escalation, file deletion, etc.

    Solution
    Customers are advised to update to Exim version 4.94.2 or later.

    Patches
    Exim downloads
  • CVE-2021-1765+
    In Development

    SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:1430-1)

    Severity
    Critical4
    Qualys ID
    174960
    Vendor Reference
    SUSE-SU-2021:1430-1
    CVE Reference
    CVE-2021-1765, CVE-2021-1799, CVE-2021-1871, CVE-2020-29623, CVE-2021-1844, CVE-2021-1801, CVE-2021-1789, CVE-2021-1870, CVE-2021-1788, CVE-2020-27918
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This update for webkit2gtk3 fixes the following issues:

    - Update to version 2.32.0 (bsc#1184155):
    * Fix the authentication request port when URL omits the port.
    * Fix iframe scrolling when main frame is scrolled in async scrolling mode.
    * Stop using g_memdup.
    * Show a warning message when overriding signal handler for threading suspension.
    * Fix the build on RISC-V with GCC 11.
    * Fix several crashes and rendering issues.
    * Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871
    - Update in version 2.30.6 (bsc#1184262):
    * Update user agent quirks again for Google Docs and Google Drive.
    * Fix several crashes and rendering issues.
    * Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870.
    - Update _constraints for armv6/armv7 (bsc#1182719)
    - restore NPAPI plugin support which was removed in 2.32.0
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1430-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1430-1
  • CVE-2021-25900
    In Development

    SUSE Enterprise Linux Security Update for librsvg (SUSE-SU-2021:1408-1)

    Severity
    Critical4
    Qualys ID
    174957
    Vendor Reference
    SUSE-SU-2021:1408-1
    CVE Reference
    CVE-2021-25900
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This update for librsvg fixes the following issues:

    - librsvg was updated to 2.46.5:
    * Update dependent crates that had security vulnerabilities: smallvec to
    0.6.14 - RUSTSEC-2018-0003 - CVE-2021-25900 (bsc#1183403)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1408-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1408-1
  • CVE-2021-20305
    In Development

    SUSE Enterprise Linux Security Update for libnettle (SUSE-SU-2021:1412-1)

    Severity
    Critical4
    Qualys ID
    174959
    Vendor Reference
    SUSE-SU-2021:1412-1
    CVE Reference
    CVE-2021-20305
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    This update for libnettle fixes the following issues:

    - CVE-2021-20305: Fixed the multiply function which was being called with
    out-of-range scalars (bsc#1184401).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1412-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1412-1
  • CVE-2021-25297+
    Recently Published

    Nagios XI 5.7.5 Have Multiple Vulnerabilities

    Severity
    Critical4
    Qualys ID
    375516
    Date Published
    May 4, 2021
    Vendor Reference
    Nagios XI
    CVE Reference
    CVE-2021-25297, CVE-2021-25298, CVE-2021-25299
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    Nagios Core is a free and open source computer-software application that monitors systems, networks and infrastructure. Nagios offers monitoring and alerting services for servers, switches, applications and services.

    CVE-2021-25297: An OS command injection as the apache user through variables passed into the Config Wizard.
    CVE-2021-25298: An OS command injection as the apache user through variables passed into the Config Wizard.
    CVE-2021-25299: XSS vulnerability in the SSH Terminal page.
    Affected version:
    Version: 5.7.5

    QID Detection Logic (Authenticated):
    It checks for a vulnerable version of Nagios Core from the version file.

    Consequence
    Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary OS and file commands, which may lead to remote code execution.
    Solution
    The vendor has released the fix. This issue was fixed in version 5.8.0 or above. Please visit here for more information.
    Patches
    Nagios XI
  • Recently Published

    EOL/Obsolete Operating System: Ubuntu 16.04 Detected

    Severity
    Urgent5
    Qualys ID
    105977
    Date Published
    May 3, 2021
    Vendor Reference
    EMS for Ubuntu 16.04
    CVSS Scores
    Base 9.8 / Temporal 9
    Description

    Support for Ubuntu 16.04 ended on April 30th, 2021. Ubuntu Security Notices will no longer include information or updated packages for Ubuntu 16.04.

    QID Detection Logic:
    The QID checks for the vulnerable version of Ubuntu.

    Consequence
    The system is at high risk of being exposed to security vulnerabilities, since the vendor will not provide standard support.
    Solution
    Users are encouraged to evaluate and upgrade to our latest release.
    Refer to Ubuntu for information on this operating system.
  • CVE-2021-20305
    Recently Published

    SUSE Enterprise Linux Security Update for libnettle (SUSE-SU-2021:1399-1)

    Severity
    Critical4
    Qualys ID
    174949
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1399-1
    CVE Reference
    CVE-2021-20305
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    This update for libnettle fixes the following issues:

    - CVE-2021-20305: Fixed the multiply function which was being called with
    out-of-range scalars (bsc#1184401, bsc#1183835).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1399-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1399-1
  • CVE-2021-28660+
    In Development

    SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (SUSE-SU-2021:1365-1)

    Severity
    Critical4
    Qualys ID
    174955
    Vendor Reference
    SUSE-SU-2021:1365-1
    CVE Reference
    CVE-2021-28660, CVE-2021-26930, CVE-2021-28688, CVE-2021-26931, CVE-2021-3444
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    This update for the Linux Kernel 4.12.14-197_64 fixes several issues.

    The following security issues were fixed:

    - CVE-2021-3444: Fixed an issue with the bpf verifier which did not
    properly handle mod32 destination register truncation when the source
    register was known to be 0 leading to out of bounds read (bsc#1184171).
    - CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan
    (bsc#1183658).
    - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1182294,
    bsc#1183646).
    - CVE-2021-26930: Fixed an improper error handling in blkback's grant
    mapping (XSA-365 bsc#1182294).
    - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
    mapping errors as bugs (XSA-362 bsc#1183022).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1365-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1365-1
  • CVE-2021-28688+
    Recently Published

    SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (SUSE-SU-2021:1373-1)

    Severity
    Critical4
    Qualys ID
    174954
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1373-1
    CVE Reference
    CVE-2021-28688, CVE-2021-26931, CVE-2021-26930
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    This update for the Linux Kernel 4.4.180-94_135 fixes one issue.

    The following security issues were fixed:

    - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1182294,
    bsc#1183646).
    - CVE-2021-26930: Fixed an improper error handling in blkback's grant
    mapping (XSA-365 bsc#1182294).
    - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
    mapping errors as bugs (XSA-362 bsc#1183022).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1373-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1373-1
  • CVE-2021-28688+
    In Development

    SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15 SP1) (SUSE-SU-2021:1395-1)

    Severity
    Critical4
    Qualys ID
    174953
    Vendor Reference
    SUSE-SU-2021:1395-1
    CVE Reference
    CVE-2021-28688, CVE-2021-3444, CVE-2021-28660
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    This update for the Linux Kernel 4.12.14-197_86 fixes several issues.

    The following security issues were fixed:

    - CVE-2021-3444: Fixed an issue with the bpf verifier which did not
    properly handle mod32 destination register truncation when the source
    register was known to be 0 leading to out of bounds read (bsc#1184171).
    - CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan
    (bsc#1183658).
    - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1182294,
    bsc#1183646).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1395-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1395-1
  • CVE-2021-28688+
    In Development

    SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15) (SUSE-SU-2021:1347-1)

    Severity
    Critical4
    Qualys ID
    174952
    Vendor Reference
    SUSE-SU-2021:1347-1
    CVE Reference
    CVE-2021-28688, CVE-2021-3444
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    This update for the Linux Kernel 4.12.14-150_69 fixes several issues.

    The following security issues were fixed:

    - CVE-2021-3444: Fixed an issue with the bpf verifier which did not
    properly handle mod32 destination register truncation when the source
    register was known to be 0 leading to out of bounds read (bsc#1184171).
    - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1182294,
    bsc#1183646).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1347-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1347-1
  • CVE-2021-28688+
    In Development

    SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 21 for SLE 15) (SUSE-SU-2021:1344-1)

    Severity
    Critical 4
    Qualys ID
    174950
    Vendor Reference
    SUSE-SU-2021:1344-1
    CVE Reference
    CVE-2021-28688, CVE-2021-26931, CVE-2021-26930, CVE-2021-3444
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    This update for the Linux Kernel 4.12.14-150_63 fixes several issues.

    The following security issues were fixed:

    - CVE-2021-3444: Fixed an issue with the bpf verifier which did not
    properly handle mod32 destination register truncation when the source
    register was known to be 0 leading to out of bounds read (bsc#1184171).
    - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1182294,
    bsc#1183646).
    - CVE-2021-26930: Fixed an improper error handling in blkback's grant
    mapping (XSA-365 bsc#1182294).
    - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
    mapping errors as bugs (XSA-362 bsc#1183022).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1344-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1344-1
  • CVE-2021-23995+
    Recently Published

    SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2021:1433-1)

    Severity
    Critical 4
    Qualys ID
    174961
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1433-1
    CVE Reference
    CVE-2021-23995, CVE-2021-23998, CVE-2021-23994, CVE-2021-29945, CVE-2021-29946, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    This update for MozillaFirefox fixes the following issues:

    - MozillaFirefox was updated to 78.10.0 ESR (bsc#1184960)
    * CVE-2021-23994: Out of bound write due to lazy initialization
    * CVE-2021-23995: Use-after-free in Responsive Design Mode
    * CVE-2021-23998: Secure Lock icon could have been spoofed
    * CVE-2021-23961: More internal network hosts could have been probed by
    a malicious webpage
    * CVE-2021-23999: Blob URLs may have been granted additional privileges
    * CVE-2021-24002: Arbitrary FTP command execution on FTP servers using
    an encoded URL
    * CVE-2021-29945: Incorrect size computation in WebAssembly JIT could
    lead to null-reads
    * CVE-2021-29946: Port blocking could be bypassed
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1433-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1433-1
  • CVE-2020-9484+
    Recently Published

    SUSE Enterprise Linux Security Update for tomcat (SUSE-SU-2021:1431-1)

    Severity
    Critical 4
    Qualys ID
    174964
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1431-1
    CVE Reference
    CVE-2020-9484, CVE-2021-25329
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    This update for tomcat fixes the following issues:

    - CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1431-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1431-1
  • CVE-2021-20254
    Recently Published

    SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1445-1)

    Severity
    Critical 4
    Qualys ID
    174967
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1445-1
    CVE Reference
    CVE-2021-20254
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    This update for samba fixes the following issues:

    - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
    (bsc#1184677).
    - Avoid free'ing our own pointer in memcache when memcache_trim attempts
    to reduce cache size (bsc#1179156).
    - Adjust smbcacls '--propagate-inheritance' feature to align with upstream
    (bsc#1178469).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1445-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1445-1
  • CVE-2021-20254+
    In Development

    SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1444-1)

    Severity
    Critical 4
    Qualys ID
    174966
    Vendor Reference
    SUSE-SU-2021:1444-1
    CVE Reference
    CVE-2021-20254, CVE-2021-20277, CVE-2020-27840
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    This update for samba fixes the following issues:

    - CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold
    (bsc#1183574).
    - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
    (bsc#1184677).
    - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad
    DNs (bsc#1183572).
    - Avoid free'ing our own pointer in memcache when memcache_trim attempts
    to reduce cache size (bsc#1179156).
    - s3-libads: use dns name to open a ldap session (bsc#1184310).
    - Adjust smbcacls '--propagate-inheritance' feature to align with upstream
    (bsc#1178469).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1444-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1444-1
  • CVE-2021-20254
    Recently Published

    SUSE Enterprise Linux Security Update for samba (SUSE-SU-2021:1438-1)

    Severity
    Critical 4
    Qualys ID
    174965
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1438-1
    CVE Reference
    CVE-2021-20254
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    This update for samba fixes the following issues:

    - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids()
    (bsc#1184677).
    - Avoid free'ing our own pointer in memcache when memcache_trim attempts
    to reduce cache size (bsc#1179156).
    - Adjust smbcacls '--propagate-inheritance' feature to align with upstream
    (bsc#1178469).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1438-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1438-1
  • Recently Published

    SUSE Enterprise Linux Security Update for permissions (SUSE-SU-2021:1429-1)

    Severity
    Critical 4
    Qualys ID
    174963
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1429-1
    CVSS Scores
    Base 5.6 / Temporal 4.9
    Description
    This update for permissions fixes the following issues:

    - Update to version 20170707:
    * make btmp root:utmp (bsc#1050467, bsc#1182899)
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1429-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1429-1
  • Recently Published

    SUSE Enterprise Linux Security Update for gdm (SUSE-SU-2021:1401-1)

    Severity
    Critical 4
    Qualys ID
    174948
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1401-1
    CVSS Scores
    Base 5.6 / Temporal 4.9
    Description
    This update for gdm fixes the following issues:

    - Avoid the signal SIGTRAP when gdm exits (bsc#1184456).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1401-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1401-1
  • CVE-2019-5736
    In Development

    Oracle Enterprise Linux Security Update for runc (ELSA-2021-9203)

    Severity
    Urgent 5
    Qualys ID
    159170
    Vendor Reference
    ELSA-2021-9203
    CVE Reference
    CVE-2019-5736
    CVSS Scores
    Base 8.6 / Temporal 6.9
    Description
    Oracle Enterprise Linux has released a security update for runc to fix the vulnerabilities.

    Affected Product:
    Oracle Linux 7

    Consequence
    This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally, this vulnerability can be used to cause a complete denial of service and could render the resource completely unavailable.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

    ELSA-2021-9203.
    Patches
    Oracle Linux ELSA-2021-9203
  • CVE-2020-27337
    Recently Published

    HPE Integrated Lights-Out (iLO) Remote Memory Corruption Vulnerability (hpesbhf04106)

    Severity
    Critical 4
    Qualys ID
    730068
    Date Published
    May 3, 2021
    Vendor Reference
    hpesbhf04106
    CVE Reference
    CVE-2020-27337
    CVSS Scores
    Base 7.3 / Temporal 6.4
    Description

    HPE Integrated Lights-Out (iLO) is an embedded server management technology used for out-of-band management. A potential security vulnerability has been identified in Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware.

    Affected Versions:
    HP Integrated Lights-Out 5 (iLO 5) firmware versions prior to v2.33
    HP Integrated Lights-Out 4 (iLO 4) firmware versions prior to v2.77

    QID Detection Logic(Unauthenticated):
    This QID checks for a vulnerable version of HPE Integrated Lights-Out via an HTTP request to the "xmldata?item=All" URL.

    Consequence
    The vulnerability could be remotely exploited to cause memory corruption.

    Solution

    Customers are advised to visit HPSBHF03275 to remediate this vulnerability.

    Patches
    hpesbhf04106
  • CVE-2021-28688
    Recently Published

    SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (SUSE-SU-2021:1341-1)

    Severity
    Critical 4
    Qualys ID
    174947
    Date Published
    May 3, 2021
    Vendor Reference
    SUSE-SU-2021:1341-1
    CVE Reference
    CVE-2021-28688
    CVSS Scores
    Base 6.5 / Temporal 5.7
    Description
    This update for the Linux Kernel 4.4.180-94_141 fixes one issue.

    The following security issue was fixed:

    - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1182294,
    bsc#1183646).
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Upgrade to the latest package, which contains the patch. To install this SUSE Security Update, use YaST online_update. Alternatively, you can run the command listed for your product. To install packages using the command line interface, use the command "yum update". Refer to SUSE security advisory SUSE-SU-2021:1341-1 to address this issue and obtain further details.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:1341-1
  • CVE-2021-27928
    In Development

    Oracle Enterprise Linux Security Update for mariadb:10.3 and mariadb-devel:10.3 (ELSA-2021-1242)

    Severity
    Urgent 5
    Qualys ID
    159165
    Vendor Reference
    ELSA-2021-1242
    CVE Reference
    CVE-2021-27928
    CVSS Scores
    Base 7.2 / Temporal 5.8
    Description
    Oracle Enterprise Linux has released a security update for mariadb:10.3 and mariadb-devel:10.3 to fix the vulnerabilities.

    Affected Product:
    Oracle Linux 8

    Consequence
    This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally, this vulnerability can be used to cause a complete denial of service and could render the resource completely unavailable.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

    ELSA-2021-1242.
    Patches
    Oracle Linux ELSA-2021-1242
  • CVE-2021-27928
    In Development

    Oracle Enterprise Linux Security Update for mariadb:10.3 and mariadb-devel:10.3 (ELSA-2021-1242)

    Severity
    Urgent 5
    Qualys ID
    159164
    Vendor Reference
    ELSA-2021-1242
    CVE Reference
    CVE-2021-27928
    CVSS Scores
    Base 7.2 / Temporal 5.8
    Description
    Oracle Enterprise Linux has released a security update for mariadb:10.3 and mariadb-devel:10.3 to fix the vulnerabilities.

    Affected Product:
    Oracle Linux 8

    Consequence
    This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally, this vulnerability can be used to cause a complete denial of service and could render the resource completely unavailable.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

    ELSA-2021-1242.
    Patches
    Oracle Linux ELSA-2021-1242
  • CVE-2020-11669+
    In Development

    Red Hat Update for kernel-alt (RHSA-2021:1379)

    Severity
    Critical 4
    Qualys ID
    239253
    Vendor Reference
    RHSA-2021:1379
    CVE Reference
    CVE-2020-11669, CVE-2021-3347, CVE-2021-27364, CVE-2021-27365
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    The kernel-alt packages provide the Linux kernel version 4.x.

    Security Fix(es):
    - kernel: Use after free via PI futex state (CVE-2021-3347)
    - kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
    - kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
    - kernel: powerpc: guest can cause DoS on POWER9 KVM hosts (CVE-2020-11669)

    Affected Products:

    Red Hat Enterprise Linux for Power 9 7 ppc64le
    Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1379 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1379
  • CVE-2020-5931
    Recently Published

    F5 BIG-IP ASM, LTM, APM TMM Vulnerability (K25400442)

    Severity
    Critical 4
    Qualys ID
    375514
    Date Published
    May 3, 2021
    Vendor Reference
    K25400442
    CVE Reference
    CVE-2020-5931
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
    F5 BIG-IP Local Traffic Manager (LTM) is the most popular module offered on the F5 Networks BIG-IP platform. The real power of the LTM is that it is a full proxy, allowing you to augment client-side and server-side connections while making informed load-balancing decisions based on availability, performance, and persistence.
    F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.

    Vulnerable Component: BIG-IP ASM, APM, LTM

    Affected Versions:
    15.0.0 - 15.1.0
    14.0.0 - 14.1.2
    13.1.0 - 13.1.3
    12.1.0 - 12.1.5
    11.5.2 - 11.6.5

    QID Detection Logic(Authenticated):
    This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

    Consequence
    An attacker may be able to perform a denial-of-service (DoS) attack on a BIG-IP system by causing the TMM process to restart.

    Solution
    The vendor has released a patch. For more information, please visit: K25400442

    Workaround:
    To mitigate this vulnerability, you can remove the OneConnect profile from the affected virtual server.

    Patches
    K25400442
  • Recently Published

    EOL/Obsolete Software: PowerShell 6.x Detected

    Severity
    Urgent 5
    Qualys ID
    105975
    Date Published
    May 3, 2021
    Vendor Reference
    PowerShell End Of Life
    CVSS Scores
    Base 8.1 / Temporal 7.4
    Description
    PowerShell is a cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on Windows, Linux, and macOS.

    No further bug fixes, enhancements, security updates or technical support is available for this version.
    Affected Versions and EOL:
    PowerShell Version 6.0 : February 13, 2019
    PowerShell Version 6.1 : September 28, 2019
    PowerShell Version 6.2 : September 4, 2020

    QID Detection Logic:
    Operating System: Windows
    The QID checks for a vulnerable version of the file pwsh.exe.
    Operating System: Linux
    The QID checks for a vulnerable version of PowerShell Core by running the command "pwsh --version".

    Consequence
    The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is more vulnerable to viruses and other attacks.
    Solution
    Upgrade to the latest supported PowerShell. Refer to PowerShell 7.0 or later.
  • CVE-2020-12662+
    Recently Published

    F5 BIG-IP Unbound DNS Cache Vulnerabilities (K37661551)

    Severity
    Critical 4
    Qualys ID
    375488
    Date Published
    May 3, 2021
    Vendor Reference
    K37661551
    CVE Reference
    CVE-2020-12662, CVE-2020-12663
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    F5's BIG-IP is a family of products covering software and hardware designed around application availability, access control, and security solutions.

    Vulnerable Component: BIG-IP DNS, GTM

    Affected Versions:
    15.0.0 - 15.1.0
    14.1.0 - 14.1.2
    13.1.0 - 13.1.3
    12.1.0 - 12.1.5
    11.6.1 - 11.6.5

    QID Detection Logic(Authenticated):
    This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

    Consequence
    A remote attacker may be able to perform a DoS attack on a DNS cache configured on the BIG-IP system by causing Unbound to become unresponsive.

    Solution
    The vendor has released a patch. For more information, please visit: K37661551
    Patches
    K37661551
  • CVE-2021-1844
    Recently Published

    Apple MacOS Big Sur 11.2.3 Security Update (HT212220)

    Severity
    Critical 4
    Qualys ID
    375427
    Date Published
    May 3, 2021
    Vendor Reference
    HT212220
    CVE Reference
    CVE-2021-1844
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    macOS Big Sur (version 11) is the 17th and current major release of macOS, Apple Inc.'s operating system for Macintosh computers, and is the successor to macOS Catalina (version 10.15).

    Affected Versions:
    Apple MacOS Big Sur version before 11.2.3

    QID Detection Logic:
    This QID checks for a vulnerable version of Big Sur.

    Consequence
    Processing maliciously crafted web content may lead to arbitrary code execution.

    Solution
    The updates can be downloaded from Apple Downloads.

    More information regarding the update can be found at HT212220.

    Patches
    HT212220
  • CVE-2021-23008
    Recently Published

    F5 BIG-IP APM AD Authentication Vulnerability (K51213246)

    Severity
    Critical 4
    Qualys ID
    375519
    Date Published
    April 30, 2021
    Vendor Reference
    K51213246
    CVE Reference
    CVE-2021-23008
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.

    Vulnerable Component: BIG-IP APM

    Affected Versions:
    16.0.0 - 16.0.1
    15.0.0 - 15.1.2
    14.1.0 - 14.1.3
    13.1.0 - 13.1.3
    12.1.0 - 12.1.5
    11.5.2 - 11.6.5

    QID Detection Logic(Authenticated):
    This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

    Consequence
    A remote attacker can hijack a KDC connection using a spoofed AS-REP response.

    Solution
    The vendor has released a patch. For more information, please visit: K51213246

    Workaround:
    To mitigate this vulnerability, you can configure multi-factor authentication (MFA), or host-level authentication, such as deploying an IPSec tunnel between the affected BIG-IP APM system and the AD servers.

    Patches
    K51213246
  • CVE-2019-2201
    Recently Published

    EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2021-1686)

    Severity
    Urgent 5
    Qualys ID
    670187
    Date Published
    April 29, 2021
    Vendor Reference
    EulerOS-SA-2021-1686
    CVE Reference
    CVE-2019-2201
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Euler has released a security update for libjpeg-turbo to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP5

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit EulerOS-SA-2021-1686.
    Patches
    EulerOS-SA-2021-1686
  • Recently Published

    EOL/Obsolete Hardware: Cisco Catalyst 4500 Supervisor Engine 6-E Detected

    Severity
    Urgent 5
    Qualys ID
    105976
    Date Published
    April 29, 2021
    Vendor Reference
    Cisco Catalyst 4500 Supervisor Engine 6-E
    CVSS Scores
    Base 7.3 / Temporal 6.5
    Description
    Cisco announced the end-of-life dates for the Cisco Catalyst 4500 Supervisor Engine 6-E on 1st March, 2013.

    QID Detection Logic (Authenticated):
    This QID checks the "show version" command for the Catalyst version and posts if an End Of Life version is found.

    Consequence
    The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is more vulnerable to viruses and other attacks.

    Solution
    Customers are encouraged to migrate to the Cisco Catalyst 4500E Supervisor Engine 8-E.
  • CVE-2021-21344+
    Recently Published

    Red Hat Update for xstream (RHSA-2021:1354)

    Severity
    Critical 4
    Qualys ID
    239260
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1354
    CVE Reference
    CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21350
    CVSS Scores
    Base 9.9 / Temporal 8.6
    Description
    XStream is a Java XML serialization library to serialize objects to and deserialize object from XML.

    Security Fix(es):
    - XStream: Unsafe deserialization of javax.sql.rowset.BaseRowSet (CVE-2021-21344)
    - XStream: Unsafe deserialization of com.sun.corba.se.impl.activation.ServerTableEntry (CVE-2021-21345)
    - XStream: Unsafe deserialization of sun.swing.SwingLazyValue (CVE-2021-21346)
    - XStream: Unsafe deserialization of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator (CVE-2021-21347)
    - XStream: Unsafe deserialization of com.sun.org.apache.bcel.internal.util.ClassLoader (CVE-2021-21350)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Enterprise Linux Workstation 7 x86_64
    Red Hat Enterprise Linux Desktop 7 x86_64
    Red Hat Enterprise Linux for IBM z Systems 7 s390x
    Red Hat Enterprise Linux for Power, big endian 7 ppc64
    Red Hat Enterprise Linux for Scientific Computing 7 x86_64
    Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1354 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1354
  • CVE-2020-12658
    Recently Published

    EulerOS Security Update for gssproxy (EulerOS-SA-2021-1679)

    Severity
    Critical 4
    Qualys ID
    670179
    Date Published
    April 29, 2021
    Vendor Reference
    EulerOS-SA-2021-1679
    CVE Reference
    CVE-2020-12658
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for gssproxy to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP5

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit EulerOS-SA-2021-1679.
    Patches
    EulerOS-SA-2021-1679
  • CVE-2020-36158+
    Recently Published

    EulerOS Security Update for kernel (EulerOS-SA-2021-1684)

    Severity
    Critical 4
    Qualys ID
    670185
    Date Published
    April 29, 2021
    Vendor Reference
    EulerOS-SA-2021-1684
    CVE Reference
    CVE-2020-36158, CVE-2020-0543, CVE-2019-3900, CVE-2018-9517, CVE-2019-11135, CVE-2019-19338, CVE-2020-10690, CVE-2020-12351, CVE-2020-27786, CVE-2020-25669, CVE-2020-27777, CVE-2020-29660, CVE-2020-29661, CVE-2020-14305, CVE-2019-20934, CVE-2020-4788, CVE-2020-25704, CVE-2020-29370, CVE-2020-28974, CVE-2020-28915, CVE-2020-29371, CVE-2020-15436, CVE-2020-15437
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    Euler has released a security update for kernel to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP5

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit EulerOS-SA-2021-1684.
    Patches
    EulerOS-SA-2021-1684
  • CVE-2020-25681+
    Recently Published

    EulerOS Security Update for dnsmasq (EulerOS-SA-2021-1673)

    Severity
    Critical 4
    Qualys ID
    670173
    Date Published
    April 29, 2021
    Vendor Reference
    EulerOS-SA-2021-1673
    CVE Reference
    CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25685, CVE-2020-25686, CVE-2020-25684, CVE-2020-25687
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Euler has released a security update for dnsmasq to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP5

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit EulerOS-SA-2021-1673.
    Patches
    EulerOS-SA-2021-1673
  • CVE-2020-15436+
    Recently Published

    Red Hat Update for kernel (RHSA-2021:1376)

    Severity
    Critical 4
    Qualys ID
    239255
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1376
    CVE Reference
    CVE-2020-15436, CVE-2020-28374, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):
    - kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374)
    - kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
    - kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
    - kernel: use-after-free in fs/block_dev.c (CVE-2020-15436)
    - kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
    Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
    Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
    Red Hat Enterprise Linux Server - AUS 7.6 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
    Red Hat Enterprise Linux Server - TUS 7.6 x86_64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
    Red Hat Virtualization Host - Extended Update Support 4.2 for RHEL 7.6 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1376 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1376
  • CVE-2020-28374+
    Recently Published

    Red Hat Update for kpatch-patch (RHSA-2021:1377)

    Severity
    Critical 4
    Qualys ID
    239254
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1377
    CVE Reference
    CVE-2020-28374, CVE-2021-27364, CVE-2021-27365
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

    Security Fix(es):
    kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374)
    kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
    kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
    Red Hat Enterprise Linux Server - AUS 7.6 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
    Red Hat Enterprise Linux Server - TUS 7.6 x86_64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1377 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1377
  • CVE-2021-23240+
    Recently Published

    EulerOS Security Update for sudo (EulerOS-SA-2021-1707)

    Severity
    Critical 4
    Qualys ID
    670208
    Date Published
    April 29, 2021
    Vendor Reference
    EulerOS-SA-2021-1707
    CVE Reference
    CVE-2021-23240, CVE-2021-23239, CVE-2021-3156
    CVSS Scores
    Base 7.8 / Temporal 7
    Description
    Euler has released a security update for sudo to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP5

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1707
    Patches
    EulerOS-SA-2021-1707
  • CVE-2021-28165
    Recently Published

    Jenkins Core Denial Of Service Vulnerability (Jenkins Security Advisory 2021-04-20)

    Severity
    Critical 4
    Qualys ID
    730064
    Date Published
    April 29, 2021
    Vendor Reference
    Jenkins Security Advisory 2021-04-20
    CVE Reference
    CVE-2021-28165
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Jenkins is an open-source automation server written in Java. Jenkins helps to automate the non-human part of the software development process, with continuous integration and facilitating technical aspects of continuous delivery.

    Affected Versions:
    Jenkins weekly up to and including 2.285
    Jenkins LTS up to and including 2.277.2

    Fixed Versions:
    Jenkins weekly should be updated to version 2.286
    Jenkins LTS should be updated to version 2.277.3

    QID Detection Logic (Unauthenticated):
    This QID checks for a vulnerable version by sending a crafted GET request to Jenkins. It also detects the vulnerable version from the login page or HTTP header.

    Consequence
    This vulnerability may allow unauthenticated attackers to cause a denial of service if Winstone-Jetty is configured to handle SSL/TLS connections.

    Solution
    Customers are advised to upgrade to the latest Jenkins version.
    For further details refer to Jenkins Security Advisory 2021-04-20
    Patches
    Jenkins Security Advisory 2021-04-20
  • CVE-2021-23961+
    Recently Published

    Red Hat Update for thunderbird (RHSA-2021:1350)

    Severity
    Critical 4
    Qualys ID
    239264
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1350
    CVE Reference
    CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0.

    Security Fix(es):
    Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)
    Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)
    Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)
    Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)
    Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)
    Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)
    Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)
    Mozilla: Port blocking could be bypassed (CVE-2021-29946)
    Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Enterprise Linux Workstation 7 x86_64
    Red Hat Enterprise Linux Desktop 7 x86_64
    Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1350 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1350
  • CVE-2021-23961+
    Recently Published

    Red Hat Update for thunderbird (RHSA-2021:1351)

    Severity
    Critical 4
    Qualys ID
    239263
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1351
    CVE Reference
    CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0.

    Security Fix(es):
    Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)
    Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)
    Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)
    Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)
    Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)
    Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)
    Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)
    Mozilla: Port blocking could be bypassed (CVE-2021-29946)
    Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1351 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1351
  • CVE-2021-23961+
    Recently Published

    Red Hat Update for thunderbird (RHSA-2021:1352)

    Severity
    Critical 4
    Qualys ID
    239262
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1352
    CVE Reference
    CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0.

    Security Fix(es):
    Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)
    Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)
    Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)
    Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)
    Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)
    Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)
    Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)
    Mozilla: Port blocking could be bypassed (CVE-2021-29946)
    Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1352 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1352
  • CVE-2021-23961+
    Recently Published

    Red Hat Update for thunderbird (RHSA-2021:1353)

    Severity
    Critical 4
    Qualys ID
    239261
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1353
    CVE Reference
    CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.10.0.

    Security Fix(es):
    Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)
    Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)
    Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)
    Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)
    Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)
    Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)
    Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)
    Mozilla: Port blocking could be bypassed (CVE-2021-29946)
    Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 8 x86_64
    Red Hat Enterprise Linux for Power, little endian 8 ppc64le
    Red Hat Enterprise Linux for ARM 64 8 aarch64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1353 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1353
  • CVE-2021-23961+
    Recently Published

    Red Hat Update for firefox (RHSA-2021:1360)

    Severity
    Critical 4
    Qualys ID
    239259
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1360
    CVE Reference
    CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR.

    Security Fix(es):
    Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)
    Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)
    Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)
    Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)
    Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)
    Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)
    Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)
    Mozilla: Port blocking could be bypassed (CVE-2021-29946)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 8 x86_64
    Red Hat Enterprise Linux for IBM z Systems 8 s390x
    Red Hat Enterprise Linux for Power, little endian 8 ppc64le
    Red Hat Enterprise Linux for ARM 64 8 aarch64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1360 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1360
  • CVE-2021-23961+
    Recently Published

    Red Hat Update for firefox (RHSA-2021:1361)

    Severity
    Critical 4
    Qualys ID
    239258
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1361
    CVE Reference
    CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR.

    Security Fix(es):
    Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)
    Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)
    Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)
    Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)
    Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)
    Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)
    Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)
    Mozilla: Port blocking could be bypassed (CVE-2021-29946)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1361 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1361
  • CVE-2021-23961+
    Recently Published

    Red Hat Update for firefox (RHSA-2021:1362)

    Severity
    Critical 4
    Qualys ID
    239257
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1362
    CVE Reference
    CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR.

    Security Fix(es):
    Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)
    Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)
    Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)
    Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)
    Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)
    Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)
    Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)
    Mozilla: Port blocking could be bypassed (CVE-2021-29946)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1362 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1362
  • CVE-2021-23961+
    Recently Published

    Red Hat Update for firefox (RHSA-2021:1363)

    Severity
    Critical 4
    Qualys ID
    239256
    Date Published
    April 29, 2021
    Vendor Reference
    RHSA-2021:1363
    CVE Reference
    CVE-2021-23961, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.10.0 ESR.

    Security Fix(es):
    Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994)
    Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995)
    Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961)
    Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998)
    Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999)
    Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002)
    Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945)
    Mozilla: Port blocking could be bypassed (CVE-2021-29946)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Enterprise Linux Workstation 7 x86_64
    Red Hat Enterprise Linux Desktop 7 x86_64
    Red Hat Enterprise Linux for IBM z Systems 7 s390x
    Red Hat Enterprise Linux for Power, big endian 7 ppc64
    Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1363 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1363
  • CVE-2018-11805
    Recently Published

    EulerOS Security Update for spamassassin (EulerOS-SA-2021-1706)

    Severity
    Critical 4
    Qualys ID
    670207
    Date Published
    April 29, 2021
    Vendor Reference
    EulerOS-SA-2021-1706
    CVE Reference
    CVE-2018-11805
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    Euler has released a security update for spamassassin to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP5

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit EulerOS-SA-2021-1706
    Patches
    EulerOS-SA-2021-1706
  • CVE-2021-21347+
    In Development

    Oracle Enterprise Linux Security Update for xstream (ELSA-2021-1354)

    Severity
    Critical 4
    Qualys ID
    159162
    Vendor Reference
    ELSA-2021-1354
    CVE Reference
    CVE-2021-21347, CVE-2021-21350, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346
    CVSS Scores
    Base 9.9 / Temporal 7.9
    Description
    Oracle Enterprise Linux has released a security update for xstream to fix the vulnerabilities.

    Affected Product:
    Oracle Linux 7

    Consequence
    This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

    ELSA-2021-1354.
    Patches
    Oracle Linux ELSA-2021-1354
  • Recently Published

    Drupal Core Cross-Site Scripting Vulnerability (SA-CORE-2021-002)

    Severity
    Urgent 5
    Qualys ID
    730058
    Date Published
    April 29, 2021
    Vendor Reference
    SA-CORE-2021-002
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Drupal is a free and open source content management framework written in PHP and distributed under the GNU General Public License.

    Affected Versions:
    Drupal 9.1, prior to Drupal 9.1.7.
    Drupal 9.0, prior to Drupal 9.0.12.
    Drupal 8.9, prior to Drupal 8.9.14.
    Drupal 7, prior to Drupal 7.80.

    QID Detection Logic (Unauthenticated):
    This QID checks for a vulnerable version of Drupal installed on the target.

    Note: Versions of Drupal 8 prior to 8.9.x are end-of-life and do not receive security coverage.

    Consequence
    Successful exploitation of these vulnerabilities could affect Confidentiality, Integrity and Availability.

    Solution
    Customers are advised to install the latest Drupal version.
    For more information visit Drupal security advisory SA-CORE-2021-002
    Patches
    SA-CORE-2021-002
  • CVE-2021-27905
    Recently Published

    Apache Solr SSRF vulnerability

    Severity
    Critical 4
    Qualys ID
    730063
    Date Published
    April 28, 2021
    Vendor Reference
    CVE-2021-27905
    CVE Reference
    CVE-2021-27905
    CVSS Scores
    Base / Temporal
    Description
    Apache Solr is an open source enterprise search platform, written in Java, from the Apache Lucene project. Its major features include full-text search, hit highlighting, faceted search, real-time indexing, dynamic clustering, database integration, NoSQL features and rich document handling.

    Affected Versions:
    Apache Solr versions 8.0.0 to 8.8.1
    Apache Solr versions 7.0.0 to 7.7.3

    QID Detection Logic (Unauthenticated):
    This QID sends a crafted HTTP request to check if the target is vulnerable or not.

    Consequence
    Successful exploitation could lead to a server-side request forgery (SSRF) attack.

    Solution
    Users are advised to upgrade to the latest Solr version, Solr 8.8.2, or apply the patch SOLR-15217.
    Patches
    CVE-2021-27905
  • CVE-2020-28243+
    Recently Published

    Gentoo Linux Salt Multiple Vulnerabilities (GLSA 202103-01)

    Severity
    Critical 4
    Qualys ID
    710007
    Date Published
    April 28, 2021
    Vendor Reference
    GLSA 202103-01
    CVE Reference
    CVE-2020-28243, CVE-2020-28972, CVE-2020-35662, CVE-2021-25281, CVE-2021-25282, CVE-2021-25283, CVE-2021-25284, CVE-2021-3144, CVE-2021-3148, CVE-2021-3197
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Gentoo Linux is a Linux distribution.

    Multiple vulnerabilities have been found in Salt, the worst of which could allow a remote attacker to execute arbitrary commands.

    Affected Package: app-admin/salt

    Affected version: Prior to 3000.8

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain access to sensitive information. Malicious users could also use this vulnerability to change contents or configuration on the system. Additionally, this vulnerability can be used to cause a denial of service in the form of interruptions in resource availability.
    Solution
    The Vendor has released a security update to fix the vulnerability. For more information please visit 202103-01
    Patches
    202103-01
  • CVE-2021-21227+
    Recently Published

    Google Chrome Prior To 90.0.4430.93 Multiple Vulnerabilities

    Severity
    Critical 4
    Qualys ID
    375505
    Date Published
    April 28, 2021
    Vendor Reference
    90.0.4430.93
    CVE Reference
    CVE-2021-21227, CVE-2021-21232, CVE-2021-21233, CVE-2021-21228, CVE-2021-21229, CVE-2021-21230, CVE-2021-21231
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    Google Chrome is a web browser for multiple platforms developed by Google.

    Affected Versions:
    Google Chrome Prior to 90.0.4430.72

    QID Detection Logic (Authenticated):
    This QID checks for vulnerable versions of Google Chrome on Windows, MAC OS, and Linux OS.

    Consequence
    Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary code on the target system.

    Solution
    Customers are advised to upgrade to the latest version: 90.0.4430.93
    For further details refer to Google Chrome 90.0.4430.93
    Patches
    90.0.4430.93
  • CVE-2020-27942+
    Recently Published

    Apple macOS Security Update 2021-003 Mojave (HT212327)

    Severity
    Critical 4
    Qualys ID
    375510
    Date Published
    April 28, 2021
    Vendor Reference
    HT212327
    CVE Reference
    CVE-2020-27942, CVE-2020-3838, CVE-2020-8037, CVE-2020-8285, CVE-2020-8286, CVE-2021-1739, CVE-2021-1784, CVE-2021-1797, CVE-2021-1805, CVE-2021-1806, CVE-2021-1808, CVE-2021-1809, CVE-2021-1811, CVE-2021-1813, CVE-2021-1828, CVE-2021-1834, CVE-2021-1839, CVE-2021-1840, CVE-2021-1843, CVE-2021-1847, CVE-2021-1851, CVE-2021-1857, CVE-2021-1860, CVE-2021-1868, CVE-2021-1873, CVE-2021-1875, CVE-2021-1876, CVE-2021-1878, CVE-2021-1881, CVE-2021-30652
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Multiple vulnerabilities were addressed in Apple macOS.

    Affected versions:
    Apple macOS Security Update Prior to 2021-003 Mojave.

    QID Detection Logic (Authenticated):
    This QID looks for missing security patches on Mojave.

    Consequence
    Successful exploitation could allow arbitrary code execution, elevation of privileges, or denial of service.

    Solution
    The vendor has issued these fixes: Apple macOS Security Update 2021-003 Mojave.
    The updates can be downloaded from Apple Downloads.

    More information regarding the update can be found at HT212327.

    Patches
    HT212327
  • CVE-2021-21222+
    Recently Published

    Microsoft Edge Based On Chromium Prior to 90.0.818.46 Multiple Vulnerabilities

    Severity
    Critical 4
    Qualys ID
    375499
    Date Published
    April 28, 2021
    Vendor Reference
    CVE-2021-21222, CVE-2021-21223, CVE-2021-21225, CVE-2021-21226
    CVE Reference
    CVE-2021-21222, CVE-2021-21223, CVE-2021-21225, CVE-2021-21226
    CVSS Scores
    Base 9.6 / Temporal 8.3
    Description
    Microsoft Edge is a cross-platform web browser developed by Microsoft.

    Microsoft Edge based on Chromium is affected by the following vulnerabilities:
    CVE-2021-21222: Heap buffer overflow in V8.
    CVE-2021-21223: Integer overflow in Mojo.
    CVE-2021-21225: Out of bounds memory access in V8.
    CVE-2021-21226: Use after free in navigation.

    QID Detection Logic (Authenticated):
    Operating System: Windows
    The install path is checked via registry "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command". The version is checked via file msedge.exe.

    Consequence
    Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary code on target system.

    Solution
    Customers are advised to upgrade to version
    For further details refer to 90.0.818.46 or later
    Patches
    CVE-2021-21222, CVE-2021-21223, CVE-2021-21225, CVE-2021-21226
  • Recently Published

    Debian Security Update for gst-libav1.0 (DSA 4901-1)

    Severity
    Critical 4
    Qualys ID
    178565
    Date Published
    April 28, 2021
    Vendor Reference
    DSA 4901-1
    CVSS Scores
    Base 7.3 / Temporal 5.9
    Description
    Debian has released a security update for gst-libav1.0 to fix the vulnerabilities.
    Consequence
    Successful exploitation allows attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4901-1 for patching details.
    Patches
    Debian DSA 4901-1
  • Recently Published

    Debian Security Update for gst-plugins-ugly1.0 (DSA 4904-1)

    Severity
    Critical4
    Qualys ID
    178568
    Date Published
    April 28, 2021
    Vendor Reference
    DSA 4904-1
    CVSS Scores
    Base 6.5 / Temporal 5.2
    Description
    Debian has released a security update for gst-plugins-ugly1.0 to fix the vulnerabilities.
    Consequence
    Successful exploitation allows attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4904-1 for patching details.
    Patches
    Debian DSA 4904-1
  • Recently Published

    Debian Security Update for gst-plugins-base1.0 (DSA 4903-1)

    Severity
    Critical4
    Qualys ID
    178567
    Date Published
    April 28, 2021
    Vendor Reference
    DSA 4903-1
    CVSS Scores
    Base 5.3 / Temporal 4.3
    Description
    Debian has released a security update for gst-plugins-base1.0 to fix the vulnerabilities.
    Consequence
    Successful exploitation allows attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4903-1 for patching details.
    Patches
    Debian DSA 4903-1
  • Recently Published

    Debian Security Update for gst-plugins-bad1.0 (DSA 4902-1)

    Severity
    Critical4
    Qualys ID
    178566
    Date Published
    April 28, 2021
    Vendor Reference
    DSA 4902-1
    CVSS Scores
    Base 0 / Temporal 0
    Description
    Debian has released a security update for gst-plugins-bad1.0 to fix the vulnerabilities.
    Consequence
    Successful exploitation allows attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4902-1 for patching details.
    Patches
    Debian DSA 4902-1
  • CVE-2021-30657+
    Recently Published

    Apple macOS Security Update 2021-002 Catalina (HT212326)

    Severity
    Urgent5
    Qualys ID
    375507
    Date Published
    April 27, 2021
    Vendor Reference
    HT212326
    CVE Reference
    CVE-2021-30657, CVE-2021-1797, CVE-2021-1810, CVE-2021-1808, CVE-2021-1857, CVE-2021-1809, CVE-2021-1847, CVE-2021-1811, CVE-2020-8285, CVE-2020-8286, CVE-2021-1784, CVE-2021-1881, CVE-2020-27942, CVE-2021-1813, CVE-2021-1882, CVE-2021-1843, CVE-2021-1834, CVE-2021-1860, CVE-2021-1851, CVE-2021-1840, CVE-2021-1875, CVE-2021-1824, CVE-2021-1876, CVE-2021-1739, CVE-2021-1740, CVE-2021-1878, CVE-2021-1868, CVE-2020-8037, CVE-2021-1839, CVE-2021-1828, CVE-2020-3838, CVE-2021-1873, CVE-2021-30652
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Multiple vulnerabilities were addressed in Apple macOS.

    Affected versions:
    Apple macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave.

    QID Detection Logic (Authenticated):
    This QID looks for the missing security patches from Mojave, Big Sur, Catalina

    Consequence
    Successful exploitation could lead to disclosure of sensitive user information, reading of restricted memory, reading of arbitrary files, bypass of Gatekeeper checks, disclosure of process memory, unexpected application termination or arbitrary code execution, denial of service, and privilege escalation.

    Solution
    The vendor has released these fixes: Security Update 2021-002 Mojave.
    The updates can be downloaded from Apple Downloads.

    More information regarding the update can be found at HT212326.

    Patches
    HT212326
  • CVE-2021-1853+
    Recently Published

    Apple MacOS Big Sur 11.3 Not Installed (HT212325)

    Severity
    Critical4
    Qualys ID
    375503
    Date Published
    April 27, 2021
    Vendor Reference
    HT212325
    CVE Reference
    CVE-2021-1853, CVE-2021-1849, CVE-2021-1867, CVE-2021-1810, CVE-2021-1808, CVE-2021-1857, CVE-2021-1846, CVE-2021-1809, CVE-2021-30659, CVE-2021-1847, CVE-2021-1811, CVE-2020-8286, CVE-2020-8285, CVE-2021-1784, CVE-2021-1872, CVE-2021-1881, CVE-2021-1882, CVE-2021-1813, CVE-2021-1883, CVE-2021-1884, CVE-2021-1880, CVE-2021-30653, CVE-2021-1814, CVE-2021-1843, CVE-2021-1885, CVE-2021-1858, CVE-2021-30658, CVE-2021-1841, CVE-2021-1834, CVE-2021-1860, CVE-2021-1840, CVE-2021-1851, CVE-2021-1832, CVE-2021-30660, CVE-2021-30652, CVE-2021-1875, CVE-2021-1824, CVE-2021-1859, CVE-2021-1876, CVE-2021-1815, CVE-2021-1739, CVE-2021-1740, CVE-2021-1861, CVE-2021-1855, CVE-2021-1868, CVE-2021-1878, CVE-2021-30657, CVE-2020-8037, CVE-2021-1839, CVE-2021-1825, CVE-2021-1817, CVE-2021-1826, CVE-2021-1820, CVE-2021-30661, CVE-2020-7463, CVE-2021-1828, CVE-2021-1829, CVE-2021-30655, CVE-2021-1873
    CVSS Scores
    Base 7.5 / Temporal 7.2
    Description
    macOS Big Sur (version 11) is the 17th and current major release of macOS, Apple Inc.'s operating system for Macintosh computers, and is the successor to macOS Catalina (version 10.15).

    Affected Versions:
    Apple MacOS Big Sur version before 11.3

    QID Detection Logic:
    This QID checks for a vulnerable version of Big Sur.

    Consequence
    Successful exploitation of the vulnerability will allow privilege escalation, bypass of Gatekeeper checks, and information disclosure, among others.

    Solution
    The updates can be downloaded from Apple Downloads.

    More information regarding the update can be found at HT212325.

    Patches
    HT212325
  • CVE-2018-14671
    Recently Published

    ClickHouse Remote Code Execution Vulnerability

    Severity
    Critical4
    Qualys ID
    375495
    Date Published
    April 27, 2021
    Vendor Reference
    ClickHouse Release 18.10.3
    CVE Reference
    CVE-2018-14671
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    ClickHouse is an open-source column-oriented DBMS for online analytical processing.

    ClickHouse is vulnerable to remote code execution.

    Affected Versions:
    Prior to ClickHouse version 18.10.3

    QID Detection Logic:
    This QID uses the clickhouse-client command to get the version from the Linux system.

    Consequence
    Successful exploitation could allow remote code execution

    Solution
    Please refer to the advisory ClickHouse Release 18.10.3.
    Patches
    ClickHouse Release 18.10.3
  • CVE-2020-11443
    Recently Published

    Zoom Arbitrary File Deletion Vulnerability

    Severity
    Critical4
    Qualys ID
    375487
    Date Published
    April 27, 2021
    Vendor Reference
    ZSB-20001
    CVE Reference
    CVE-2020-11443
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Zoom provides video communications with a cloud platform for video and audio conferencing, chat, and webinars across mobile, desktop, and room systems.

    A vulnerability in the Zoom Windows installer could allow a local Windows user to delete files.
    Affected Versions:
    Zoom version prior to 4.6.10

    QID Detection Logic:
    This authenticated QID detects zoom.exe versions by fetching a list of binaries from AppData\Roaming\Zoom\bin and from HKLM\SOFTWARE\Zoom\MSI

    Consequence
    Successful exploitation of this vulnerability may allow an attacker to delete files on target system.

    Solution
    Customers are advised to refer to the Zoom security update for more information.
    Patches
    Zoom Version 4.4.53932.0709
  • CVE-2019-19006
    Recently Published

    FreePBX Incorrect Access Control Vulnerability (SEC-2019-001)

    Severity
    Critical4
    Qualys ID
    730044
    Date Published
    April 27, 2021
    Vendor Reference
    SEC-2019-001
    CVE Reference
    CVE-2019-19006
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    FreePBX is a web-based configuration tool for the open-source Asterisk PBX implemented in PHP.

    FreePBX is vulnerable to Incorrect Access Control

    Affected Versions:
    FreePBX 13 prior to v13.0.197.14
    FreePBX 14 prior to v14.0.13.12
    FreePBX 15 prior to v15.0.16.27
    QID Detection Logic:
    This QID checks for the vulnerable version of FreePBX by sending a GET request to admin/config.php.

    Consequence
    Successful exploitation could compromise confidentiality, integrity and availability

    Solution
    The vendor has released advisories and updates to fix these vulnerabilities. Refer to the following link for details: Security Vulnerability Notice.
    Patches
    SEC-2019-001
  • CVE-2021-23984+
    Recently Published

    Amazon Linux Security Advisory for thunderbird: ALAS2-2021-1632

    Severity
    Critical4
    Qualys ID
    352266
    Date Published
    April 26, 2021
    Vendor Reference
    ALAS-2021-1632
    CVE Reference
    CVE-2021-23984, CVE-2021-23987, CVE-2021-23982, CVE-2021-23981
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    The Mozilla Foundation Security Advisory describes this issue as:
    A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. (CVE-2021-23981)
    Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Thunderbird < 78.9, and Firefox < 87. (CVE-2021-23982)
    The Mozilla Foundation Security Advisory describes this issue as:
    A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. (CVE-2021-23984)
    The Mozilla Foundation Security Advisory describes this issue as:
    Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2021-23987)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory: ALAS-2021-1632 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 ALAS-2021-1632
  • CVE-2020-25097
    Recently Published

    Amazon Linux Security Advisory for squid: ALAS2-2021-1631

    Severity
    Critical4
    Qualys ID
    352267
    Date Published
    April 26, 2021
    Vendor Reference
    ALAS-2021-1631
    CVE Reference
    CVE-2020-25097
    CVSS Scores
    Base 8.6 / Temporal 7.5
    Description
    A flaw was found in squid. Due to improper validation while parsing the request URI, squid is vulnerable to HTTP request smuggling. This issue could allow a trusted client to perform an HTTP request smuggling attack and access services otherwise forbidden by squid. The highest threat from this vulnerability is to data confidentiality. (CVE-2020-25097)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory: ALAS-2021-1631 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 ALAS-2021-1631
  • CVE-2021-20305
    Recently Published

    Amazon Linux Security Advisory for nettle: ALAS2-2021-1629

    Severity
    Critical4
    Qualys ID
    352269
    Date Published
    April 26, 2021
    Vendor Reference
    ALAS-2021-1629
    CVE Reference
    CVE-2021-20305
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    A flaw was found in Nettle, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-20305)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory: ALAS-2021-1629 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 ALAS-2021-1629
  • CVE-2020-25715+
    Recently Published

    Amazon Linux Security Advisory for pki-core: ALAS2-2021-1630

    Severity
    Critical4
    Qualys ID
    352268
    Date Published
    April 26, 2021
    Vendor Reference
    ALAS-2021-1630
    CVE Reference
    CVE-2020-25715, CVE-2019-10146, CVE-2019-10179, CVE-2019-10221, CVE-2020-1721, CVE-2021-20179
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser. (CVE-2019-10146)
    It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted JavaScript code. (CVE-2019-10179)
    A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser. (CVE-2019-10221)
    A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted JavaScript code. (CVE-2020-1721)
    A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity. (CVE-2020-25715)
    A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity. (CVE-2021-20179)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory: ALAS-2021-1630 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 ALAS-2021-1630
  • CVE-2021-20277
    Recently Published

    Amazon Linux Security Advisory for libldb: ALAS2-2021-1628

    Severity
    Critical4
    Qualys ID
    352270
    Date Published
    April 26, 2021
    Vendor Reference
    ALAS-2021-1628
    CVE Reference
    CVE-2021-20277
    CVSS Scores
    Base 5.6 / Temporal 4.9
    Description
    A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory: ALAS-2021-1628 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 ALAS-2021-1628
  • CVE-2021-20277
    Recently Published

    Amazon Linux Security Advisory for libldb: ALAS-2021-1494

    Severity
    Critical4
    Qualys ID
    352265
    Date Published
    April 26, 2021
    Vendor Reference
    ALAS-2021-1494
    CVE Reference
    CVE-2021-20277
    CVSS Scores
    Base 5.6 / Temporal 4.9
    Description
    A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory: ALAS-2021-1494 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux ALAS-2021-1494
  • CVE-2021-27928
    Recently Published

    MariaDB Multiple Security Vulnerabilities

    Severity
    Urgent5
    Qualys ID
    375486
    Date Published
    April 26, 2021
    Vendor Reference
    MariaDB
    CVE Reference
    CVE-2021-27928
    CVSS Scores
    Base 7.2 / Temporal 6.5
    Description
    MariaDB is a database server that offers drop-in replacement functionality for MySQL.

    Multiple Vulnerabilities in the MySQL Server product of Oracle MySQL (component: Server: FTS),
    CVE-2021-27928

    Affected Versions:
    10.2 before 10.2.37
    10.3 before 10.3.28
    10.4 before 10.4.18
    10.5 before 10.5.9
    QID Detection Logic (Authenticated):
    This QID checks the version of the file aria_chk.exe to detect the vulnerable version of MariaDB.

    Consequence
    Successful exploitation of this vulnerability will allow an attacker to crash the database which can lead to data loss or denial of service.
    Solution
    Customers are advised to upgrade to the latest version of software available. The latest version can be downloaded from here
    Patches
    MariaDB 10.2.37, MariaDB 10.3.28, MariaDB 10.4.18, MariaDB 10.5.9
  • CVE-2021-20305
    Recently Published

    Red Hat Update for gnutls and nettle (RHSA-2021:1245)

    Severity
    Critical4
    Qualys ID
    239242
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1245
    CVE Reference
    CVE-2021-20305
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: in crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

    Security Fix(es): nettle: Out of bounds memory access in signature verification (CVE-2021-20305)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1245 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1245
  • CVE-2021-20305
    Recently Published

    Red Hat Update for gnutls and nettle (RHSA-2021:1246)

    Severity
    Critical4
    Qualys ID
    239241
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1246
    CVE Reference
    CVE-2021-20305
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: in crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

    Security Fix(es): nettle: Out of bounds memory access in signature verification (CVE-2021-20305)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1246 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1246
  • CVE-2020-25715+
    Recently Published

    Red Hat Update for pki-core:10.6 (RHSA-2021:1263)

    Severity
    Critical4
    Qualys ID
    239239
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1263
    CVE Reference
    CVE-2020-25715, CVE-2021-20179
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.

    Security Fix(es):
    pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
    pki-core: XSS in the certificate search results (CVE-2020-25715)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1263 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1263
  • CVE-2021-3347+
    Recently Published

    Red Hat Update for kernel (RHSA-2021:1272)

    Severity
    Critical4
    Qualys ID
    239238
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1272
    CVE Reference
    CVE-2021-3347, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):
    kernel: Use after free via PI futex state (CVE-2021-3347)
    kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
    kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
    kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
    Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1272 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1272
  • CVE-2021-3347+
    Recently Published

    Red Hat Update for kpatch-patch (RHSA-2021:1295)

    Severity
    Critical4
    Qualys ID
    239236
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1295
    CVE Reference
    CVE-2021-3347, CVE-2021-27364, CVE-2021-27365
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

    Security Fix(es):
    kernel: Use after free via PI futex state (CVE-2021-3347)
    kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
    kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1295 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1295
  • CVE-2020-10725
    Recently Published

    Red Hat Update for dpdk (RHSA-2021:1239)

    Severity
    Critical4
    Qualys ID
    239246
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1239
    CVE Reference
    CVE-2020-10725
    CVSS Scores
    Base 7.7 / Temporal 6.7
    Description
    The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space.

    Security Fix(es): dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor (CVE-2020-10725)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1239 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1239
  • CVE-2021-3449+
    Recently Published

    Red Hat Update for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP7 (RHSA-2021:1199)

    Severity
    Critical4
    Qualys ID
    239247
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1199
    CVE Reference
    CVE-2021-3449, CVE-2021-3450
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.

    Security fix(es):
    openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)
    openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)

    Affected Products:

    Red Hat JBoss Core Services 1 for RHEL 7 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1199 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1199
  • CVE-2021-27928
    Recently Published

    Red Hat Update for mariadb:10.3 and mariadb-devel:10.3 (RHSA-2021:1240)

    Severity
    Critical 4
    Qualys ID
    239245
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1240
    CVE Reference
    CVE-2021-27928
    CVSS Scores
    Base 7.2 / Temporal 6.5
    Description
    MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32).

    Security Fix(es): mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
    Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1240 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1240
  • CVE-2021-27928
    Recently Published

    Red Hat Update for mariadb:10.3 and mariadb-devel:10.3 (RHSA-2021:1241)

    Severity
    Critical 4
    Qualys ID
    239244
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1241
    CVE Reference
    CVE-2021-27928
    CVSS Scores
    Base 7.2 / Temporal 6.5
    Description
    MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32).

    Security Fix(es): mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
    Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.1 x86_64
    Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.1 ppc64le
    Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.1 s390x
    Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.1 aarch64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1241 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1241
  • CVE-2021-27928
    Recently Published

    Red Hat Update for mariadb:10.3 and mariadb-devel:10.3 (RHSA-2021:1242)

    Severity
    Critical 4
    Qualys ID
    239243
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1242
    CVE Reference
    CVE-2021-27928
    CVSS Scores
    Base 7.2 / Temporal 6.5
    Description
    MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32).

    Security Fix(es): mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 8 x86_64
    Red Hat Enterprise Linux for IBM z Systems 8 s390x
    Red Hat Enterprise Linux for Power, little endian 8 ppc64le
    Red Hat Enterprise Linux for ARM 64 8 aarch64
    Red Hat CodeReady Linux Builder for x86_64 8 x86_64
    Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
    Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
    Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1242 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1242
  • CVE-2021-3449
    Recently Published

    Red Hat Update for openssl (RHSA-2021:1063)

    Severity
    Critical 4
    Qualys ID
    239249
    Date Published
    April 26, 2021
    Vendor Reference
    RHSA-2021:1063
    CVE Reference
    CVE-2021-3449
    CVSS Scores
    Base 5.9 / Temporal 5.2
    Description
    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

    Security Fix(es): openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:1063 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:1063
  • CVE-2021-23994+
    Recently Published

    Mozilla Firefox Multiple Vulnerabilities (MFSA2021-16)

    Severity
    Critical 4
    Qualys ID
    375478
    Date Published
    April 26, 2021
    Vendor Reference
    MFSA2021-16
    CVE Reference
    CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29944, CVE-2021-29946, CVE-2021-29947
    CVSS Scores
    Base 0 / Temporal 0
    Description
    Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.

    Affected Products:
    Prior to Firefox 88

    QID Detection Logic (Authenticated):
    This checks for a vulnerable version of the Firefox browser.

    Consequence
    Successful exploitation could allow an attacker to compromise integrity, availability and confidentiality.

    Solution
    The vendor has released a fix to address these vulnerabilities. Refer to MFSA 2021-16.
    Patches
    MFSA2021-16