Vulnerability Detection Pipeline (Beta)

Upcoming and New QIDs

Browse, filter by detection status, or search by CVE to get visibility into upcoming and new detections (QIDs) for all severities.

This is a public beta. We welcome your feedback.

Detection Status

  • Under investigation: We are researching a detection and will publish one if it is feasible.
  • In development: We are coding a detection and will typically publish it within a few days.
  • Recently published: We have published the detection on the date indicated, and it will typically be available in the KnowledgeBase on shared platforms within a day.

Non-Qualys customers can audit their network for all published vulnerabilities by signing up for a Qualys Free Trial or Qualys Community Edition.

81 results
  • CVE-2020-16044
    In Development

    Mozilla Firefox for Android Remote Code Execution Vulnerability

    Severity
    Urgent 5
    Qualys ID
    630594
    Vendor Reference
    mfsa2021-01
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run arbitrary code.

    Affected Versions

    Firefox for Android prior to 84.1.3

    Consequence
    On successful exploitation an attacker can run arbitrary code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to CVE-2020-16044 to address this issue and obtain more information.
    Patches
    Android mfsa2021-01
  • CVE-2020-15358+
    In Development

    Apple iOS 14.3 and iPadOS 14.3 Security Update Missing

    Severity
    Urgent 5
    Qualys ID
    610298
    Vendor Reference
    HT212003
    CVE Reference
    CVE-2020-15358, CVE-2020-9979, CVE-2020-9976, CVE-2020-9977, CVE-2020-9971, CVE-2020-9972, CVE-2020-9973, CVE-2020-9954, CVE-2020-9876, CVE-2020-9952, CVE-2020-9950, CVE-2020-9951, CVE-2020-9958, CVE-2020-9959, CVE-2020-9992, CVE-2020-9993, CVE-2020-9991, CVE-2020-9996, CVE-2020-10013, CVE-2020-9999, CVE-2019-14899, CVE-2020-13630, CVE-2020-6147, CVE-2020-9773, CVE-2020-13435, CVE-2020-13434, CVE-2020-9963, CVE-2020-9944, CVE-2020-9961, CVE-2020-9946, CVE-2020-9941, CVE-2020-9966, CVE-2020-9965, CVE-2020-9964, CVE-2020-9969, CVE-2020-9968, CVE-2020-9949, CVE-2020-9981, CVE-2020-9983, CVE-2020-9989, CVE-2020-9988, CVE-2020-9943, CVE-2020-9947, CVE-2020-9849, CVE-2020-13631, CVE-2020-9955, CVE-2020-13520
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    iOS is a mobile operating system created and developed by Apple Inc.

    The following security issues are observed:
    CVE-2020-15358,CVE-2020-9979,CVE-2020-9976,CVE-2020-9977,CVE-2020-9971,CVE-2020-9972,CVE-2020-9973,CVE-2020-9954,CVE-2020-9876,CVE-2020-9952,CVE-2020-9950,CVE-2020-9951,CVE-2020-9958,CVE-2020-9959,CVE-2020-9992,CVE-2020-9993,CVE-2020-9991,CVE-2020-9996,CVE-2020-10013,CVE-2020-9999,CVE-2019-14899,CVE-2020-13630,CVE-2020-6147,CVE-2020-9773,CVE-2020-13435,CVE-2020-13434,CVE-2020-9963,CVE-2020-9944,CVE-2020-9961,CVE-2020-9946,CVE-2020-9941,CVE-2020-9966,CVE-2020-9965,CVE-2020-9964,CVE-2020-9969,CVE-2020-9968,CVE-2020-9949,CVE-2020-9981,CVE-2020-9983,CVE-2020-9989,CVE-2020-9988,CVE-2020-9943,CVE-2020-9947,CVE-2020-9849,CVE-2020-13631,CVE-2020-9955,CVE-2020-13520

    Affected Devices
    iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Refer to Apple advisory HT212003 for patching details.
    Patches
    iOS HT212003
  • CVE-2020-27951
    In Development

    Apple iOS 12.5 Security Update Missing

    Severity
    Urgent 5
    Qualys ID
    610297
    Vendor Reference
    HT212004
    CVE Reference
    CVE-2020-27951
    CVSS Scores
    Base / Temporal
    Description
    iOS is a mobile operating system created and developed by Apple Inc.

    The following security issues are observed:
    A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. CVE-2020-27951
    Unauthorized code execution may lead to an authentication policy violation

    Affected Devices
    iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Refer to Apple advisory HT212004 for patching details.
    Patches
    iOS HT212004
  • CVE-2018-16877+
    In Development

    Debian Security Update for pacemaker (DLA 2519-1)

    Severity
    Urgent 5
    Qualys ID
    178324
    Vendor Reference
    DLA 2519-1
    CVE Reference
    CVE-2018-16877, CVE-2018-16878, CVE-2020-25654
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Debian has released a security update for pacemaker to fix the vulnerabilities.

    Consequence
    This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system.
    Solution
    Refer to Debian LTS Announce DLA 2519-1 to address this issue and obtain further details.
    Patches
    Debian DLA 2519-1
  • CVE-2020-12658
    In Development

    Debian Security Update for gssproxy (DLA 2516-1)

    Severity
    Critical 4
    Qualys ID
    178321
    Vendor Reference
    DLA 2516-1
    CVE Reference
    CVE-2020-12658
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Debian has released a security update for gssproxy to fix the vulnerabilities.

    Consequence
    This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Refer to Debian LTS Announce DLA 2516-1 to address this issue and obtain further details.
    Patches
    Debian DLA 2516-1
  • CVE-2018-20669+
    In Development

    SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:0118-1)

    Severity
    Critical 4
    Qualys ID
    174537
    Date Published
    January 15, 2021
    Vendor Reference
    SUSE-SU-2021:0118-1
    CVE Reference
    CVE-2018-20669, CVE-2019-20934, CVE-2020-0444, CVE-2020-0465, CVE-2020-0466, CVE-2020-27068, CVE-2020-27777, CVE-2020-27786, CVE-2020-27825, CVE-2020-28374, CVE-2020-29660, CVE-2020-29661, CVE-2020-36158, CVE-2020-4788
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    SUSE has released a security update for the Linux kernel to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Module for Live Patching 15-SP1
    SUSE Linux Enterprise Module for Legacy Software 15-SP1
    SUSE Linux Enterprise Module for Development Tools 15-SP1
    SUSE Linux Enterprise Module for Basesystem 15-SP1

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0118-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0118-1
  • In Development

    SUSE Enterprise Linux Security Update for open-iscsi (SUSE-SU-2021:0127-1)

    Severity
    Critical 4
    Qualys ID
    174539
    Date Published
    January 15, 2021
    Vendor Reference
    SUSE-SU-2021:0127-1
    CVSS Scores
    Base 5.6 / Temporal 4.9
    Description
    SUSE has released a security update for open-iscsi to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Module for Basesystem 15-SP2

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0127-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0127-1
  • CVE-2020-16044
    In Development

    Mozilla Thunderbird Multiple Vulnerabilities (MFSA2021-02)

    Severity
    Urgent 5
    Qualys ID
    374841
    Vendor Reference
    MFSA2021-02
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Thunderbird is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.

    Affected Products:
    Prior to Mozilla Thunderbird 78.6.1

    QID Detection Logic (Authenticated):
    This checks for a vulnerable version of the Thunderbird browser.

    Consequence
    Successful exploitation of these vulnerabilities could result in arbitrary code execution.

    Solution
    The vendor has released a fix to address these vulnerabilities. Refer to MFSA2021-02.
    Patches
    MFSA2021-02
  • CVE-2020-16044
    In Development

    Red Hat Update for firefox (RHSA-2021:0052)

    Severity
    Urgent 5
    Qualys ID
    238993
    Vendor Reference
    RHSA-2021:0052
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR.

    Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 8 x86_64
    Red Hat Enterprise Linux for IBM z Systems 8 s390x
    Red Hat Enterprise Linux for Power, little endian 8 ppc64le
    Red Hat Enterprise Linux for ARM 64 8 aarch64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0052 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0052
  • CVE-2020-16044
    In Development

    Red Hat Update for firefox (RHSA-2021:0053)

    Severity
    Urgent 5
    Qualys ID
    238992
    Vendor Reference
    RHSA-2021:0053
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR.

    Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Enterprise Linux Workstation 7 x86_64
    Red Hat Enterprise Linux Desktop 7 x86_64
    Red Hat Enterprise Linux for IBM z Systems 7 s390x
    Red Hat Enterprise Linux for Power, big endian 7 ppc64
    Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0053 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0053
  • CVE-2020-16044
    In Development

    Red Hat Update for firefox (RHSA-2021:0054)

    Severity
    Urgent 5
    Qualys ID
    238991
    Vendor Reference
    RHSA-2021:0054
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR.

    Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0054 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0054
  • CVE-2020-16044
    In Development

    Red Hat Update for firefox (RHSA-2021:0055)

    Severity
    Urgent 5
    Qualys ID
    238990
    Vendor Reference
    RHSA-2021:0055
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR.

    Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0055 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0055
  • CVE-2020-16044
    In Development

    Red Hat Update for thunderbird (RHSA-2021:0087)

    Severity
    Urgent 5
    Qualys ID
    238988
    Vendor Reference
    RHSA-2021:0087
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1.

    Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Enterprise Linux Workstation 7 x86_64
    Red Hat Enterprise Linux Desktop 7 x86_64
    Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0087 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0087
  • CVE-2020-16044
    In Development

    Red Hat Update for thunderbird (RHSA-2021:0088)

    Severity
    Urgent 5
    Qualys ID
    238987
    Vendor Reference
    RHSA-2021:0088
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1.

    Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0088 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0088
  • CVE-2020-16044
    In Development

    Red Hat Update for thunderbird (RHSA-2021:0089)

    Severity
    Urgent 5
    Qualys ID
    238986
    Vendor Reference
    RHSA-2021:0089
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1.

    Security Fix(es): Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 8 x86_64
    Red Hat Enterprise Linux for Power, little endian 8 ppc64le
    Red Hat Enterprise Linux for ARM 64 8 aarch64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0089 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0089
  • In Development

    EOL/Obsolete Software: Microsoft Office 2010 Service Pack 2 Detected

    Severity
    Urgent 5
    Qualys ID
    105957
    Vendor Reference
    Microsoft Product Lifecycle
    CVSS Scores
    Base 6.3 / Temporal 5.8
    Description
    Microsoft Office is an office suite of desktop applications, servers and services for Microsoft's Windows operating systems.

    Microsoft ended support for Office 2010 Service Pack 2 on October 13, 2020 and provides no further support.

    Consequence
    The system is at high risk of being exposed to security vulnerabilities. Since Microsoft no longer provides updates, obsolete software is more vulnerable to viruses and other attacks.

    Solution
    Customers are advised to download and install latest version Microsoft Office 2010
  • CVE-2020-14318+
    In Development

    Amazon Linux Security Advisory for samba: ALAS-2021-1469

    Severity
    Urgent 5
    Qualys ID
    352195
    Vendor Reference
    ALAS-2021-1469
    CVE Reference
    CVE-2020-14318, CVE-2020-14323, CVE-2020-1472
    CVSS Scores
    Base 10 / Temporal 8
    Description
    Issue Overview:

    A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. (CVE-2020-14318)

    A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14323)

    A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administrator privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472)

    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1469 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux samba (4.10.16-9.56.amzn1) on i686 ALAS-2021-1469, Amazon Linux samba (4.10.16-9.56.amzn1) on noarch ALAS-2021-1469, Amazon Linux samba (4.10.16-9.56.amzn1) on src ALAS-2021-1469, Amazon Linux samba (4.10.16-9.56.amzn1) on x86_64 ALAS-2021-1469
  • CVE-2020-25694+
    In Development

    Amazon Linux Security Advisory for postgresql95: ALAS-2021-1476

    Severity
    Critical 4
    Qualys ID
    352188
    Vendor Reference
    ALAS-2021-1476
    CVE Reference
    CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
    CVSS Scores
    Base 8.8 / Temporal 7
    Description
    Issue Overview:

    A flaw was found in postgresql. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25694)

    A flaw was found in postgresql. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25695)

    A flaw was found in the psql interactive terminal of PostgreSQL. If an interactive psql session uses \gset when querying a compromised server, this flaw allows an attacker to execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-25696)

    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1476 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux postgresql95 (9.6.20-1.84.amzn1) on i686 ALAS-2021-1476, Amazon Linux postgresql95 (9.6.20-1.84.amzn1) on src ALAS-2021-1476, Amazon Linux postgresql95 (9.6.20-1.84.amzn1) on x86_64 ALAS-2021-1476
  • CVE-2020-25694+
    In Development

    Red Hat Update for libpq (RHSA-2021:0057)

    Severity
    Critical 4
    Qualys ID
    238989
    Vendor Reference
    RHSA-2021:0057
    CVE Reference
    CVE-2020-25694, CVE-2020-25696
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. The following packages have been upgraded to a later upstream version: libpq (12.5). (BZ#1898227, BZ#1901559)

    Security Fix(es): postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694)
    postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0057 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0057
  • CVE-2020-14363
    In Development

    Amazon Linux Security Advisory for libX11: ALAS-2021-1462

    Severity
    Critical 4
    Qualys ID
    352200
    Vendor Reference
    ALAS-2021-1462
    CVE Reference
    CVE-2020-14363
    CVSS Scores
    Base 7.8 / Temporal 6.3
    Description
    Issue Overview:

    An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability. (CVE-2020-14363)

    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1462 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux libX11 (1.6.0-2.2.13.amzn1) on i686 ALAS-2021-1462, Amazon Linux libX11 (1.6.0-2.2.13.amzn1) on src ALAS-2021-1462, Amazon Linux libX11 (1.6.0-2.2.13.amzn1) on x86_64 ALAS-2021-1462
  • CVE-2020-15862
    In Development

    Amazon Linux Security Advisory for net-snmp: ALAS-2021-1465

    Severity
    Critical 4
    Qualys ID
    352198
    Vendor Reference
    ALAS-2021-1465
    CVE Reference
    CVE-2020-15862
    CVSS Scores
    Base 7.8 / Temporal 6.3
    Description
    Issue Overview:

    A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs because SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-15862)

    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1465 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux net-snmp (5.5-60.22.amzn1) on i686 ALAS-2021-1465, Amazon Linux net-snmp (5.5-60.22.amzn1) on src ALAS-2021-1465, Amazon Linux net-snmp (5.5-60.22.amzn1) on x86_64 ALAS-2021-1465
  • CVE-2020-14345+
    In Development

    Amazon Linux Security Advisory for xorg-x11-server: ALAS-2021-1475

    Severity
    Critical 4
    Qualys ID
    352189
    Vendor Reference
    ALAS-2021-1475
    CVE Reference
    CVE-2020-14345, CVE-2020-14346, CVE-2020-14361, CVE-2020-14362
    CVSS Scores
    Base 7.8 / Temporal 6.3
    Description
    Issue Overview:

    A flaw was found in X.Org Server. An out-of-bounds access in the XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-14345)

    A flaw was found in xorg-x11-server. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-14346)

    A flaw was found in X.Org Server. An integer underflow leading to a heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-14361)

    A flaw was found in X.Org Server. An integer underflow leading to a heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-14362)

    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1475 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux xorg-x11-server (1.17.4-18.43.amzn1) on i686 ALAS-2021-1475, Amazon Linux xorg-x11-server (1.17.4-18.43.amzn1) on noarch ALAS-2021-1475, Amazon Linux xorg-x11-server (1.17.4-18.43.amzn1) on src ALAS-2021-1475, Amazon Linux xorg-x11-server (1.17.4-18.43.amzn1) on x86_64 ALAS-2021-1475
  • CVE-2020-29599
    In Development

    Red Hat Update for ImageMagick (RHSA-2021:0024)

    Severity
    Critical 4
    Qualys ID
    238994
    Vendor Reference
    RHSA-2021:0024
    CVE Reference
    CVE-2020-29599
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats.

    Security Fix(es): ImageMagick: Shell injection via PDF password could result in arbitrary code execution (CVE-2020-29599)

    Affected Products:

    Red Hat Enterprise Linux Server 7 x86_64
    Red Hat Enterprise Linux Workstation 7 x86_64
    Red Hat Enterprise Linux Desktop 7 x86_64
    Red Hat Enterprise Linux for IBM z Systems 7 s390x
    Red Hat Enterprise Linux for Power, big endian 7 ppc64
    Red Hat Enterprise Linux for Scientific Computing 7 x86_64
    Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0024 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0024
  • CVE-2020-0444+
    In Development

    SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:0108-1)

    Severity
    Critical 4
    Qualys ID
    174532
    Date Published
    January 14, 2021
    Vendor Reference
    SUSE-SU-2021:0108-1
    CVE Reference
    CVE-2020-0444, CVE-2020-0465, CVE-2020-0466, CVE-2020-11668, CVE-2020-27068, CVE-2020-27777, CVE-2020-27825, CVE-2020-27830, CVE-2020-29370, CVE-2020-29373, CVE-2020-29660, CVE-2020-29661, CVE-2020-36158
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    SUSE has released a security update for the Linux kernel to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Module for Realtime 15-SP2

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0108-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0108-1
  • CVE-2020-0444+
    In Development

    SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:0095-1)

    Severity
    Critical4
    Qualys ID
    174531
    Date Published
    January 14, 2021
    Vendor Reference
    SUSE-SU-2021:0095-1
    CVE Reference
    CVE-2020-0444, CVE-2020-0465, CVE-2020-0466, CVE-2020-27068, CVE-2020-27777, CVE-2020-27825, CVE-2020-29660, CVE-2020-29661, CVE-2020-36158
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    SUSE has released a security update for the Linux kernel to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Module for Realtime 15-SP1

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0095-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0095-1
  • CVE-2021-1723
    In Development

    Red Hat Update for dotnet5.0 (RHSA-2021:0094)

    Severity
    Critical4
    Qualys ID
    238985
    Vendor Reference
    RHSA-2021:0094
    CVE Reference
    CVE-2021-1723
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.102 and .NET Runtime 5.0.2.

    Security Fix(es): dotnet: ASP.NET Core Callbacks outside of locks cause Kestrel deadlock when using HTTP2 (CVE-2021-1723)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 8 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0094 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0094
  • CVE-2021-1723
    In Development

    Red Hat Update for dotnet3.1 (RHSA-2021:0095)

    Severity
    Critical4
    Qualys ID
    238984
    Vendor Reference
    RHSA-2021:0095
    CVE Reference
    CVE-2021-1723
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.111 and .NET Core Runtime 3.1.11.

    Security Fix(es): dotnet: ASP.NET Core Callbacks outside of locks cause Kestrel deadlock when using HTTP2 (CVE-2021-1723)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 8 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0095 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0095
  • CVE-2020-25211
    In Development

    Red Hat Update for kernel (RHSA-2021:0003)

    Severity
    Critical4
    Qualys ID
    238997
    Vendor Reference
    RHSA-2021:0003
    CVE Reference
    CVE-2020-25211
    CVSS Scores
    Base 6 / Temporal 5.2
    Description
    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es): kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 8 x86_64
    Red Hat Enterprise Linux for IBM z Systems 8 s390x
    Red Hat Enterprise Linux for Power, little endian 8 ppc64le
    Red Hat Enterprise Linux for ARM 64 8 aarch64
    Red Hat CodeReady Linux Builder for x86_64 8 x86_64
    Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
    Red Hat CodeReady Linux Builder for ARM 64 8 aarch64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0003 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0003
  • CVE-2020-25211
    In Development

    Red Hat Update for kernel-rt (RHSA-2021:0004)

    Severity
    Critical4
    Qualys ID
    238996
    Vendor Reference
    RHSA-2021:0004
    CVE Reference
    CVE-2020-25211
    CVSS Scores
    Base 6 / Temporal 5.2
    Description
    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

    Security Fix(es): kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)

    Affected Products:

    Red Hat Enterprise Linux for Real Time 8 x86_64
    Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:0004 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:0004
  • CVE-2020-28374
    In Development

    SUSE Enterprise Linux Security Update for tcmu-runner (SUSE-SU-2021:0093-1)

    Severity
    Critical4
    Qualys ID
    174528
    Date Published
    January 14, 2021
    Vendor Reference
    SUSE-SU-2021:0093-1
    CVE Reference
    CVE-2020-28374
    CVSS Scores
    Base / Temporal
    Description
    SUSE has released a security update for tcmu-runner to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Module for Server Applications 15-SP2

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0093-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0093-1
  • CVE-2020-16044
    In Development

    SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2021:0080-1)

    Severity
    Critical4
    Qualys ID
    174524
    Date Published
    January 14, 2021
    Vendor Reference
    SUSE-SU-2021:0080-1
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    SUSE has released a security update for MozillaFirefox to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Software Development Kit 12-SP5
    SUSE Linux Enterprise Server for SAP 12-SP4
    SUSE Linux Enterprise Server for SAP 12-SP3
    SUSE Linux Enterprise Server for SAP 12-SP2
    SUSE Linux Enterprise Server 12-SP5

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0080-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0080-1
  • CVE-2020-16044
    In Development

    SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2021:0071-1)

    Severity
    Critical4
    Qualys ID
    174523
    Date Published
    January 14, 2021
    Vendor Reference
    SUSE-SU-2021:0071-1
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    SUSE has released a security update for MozillaFirefox to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Module for Desktop Applications 15-SP2

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0071-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0071-1
  • CVE-2020-16044
    In Development

    SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2021:0072-1)

    Severity
    Critical4
    Qualys ID
    174522
    Date Published
    January 14, 2021
    Vendor Reference
    SUSE-SU-2021:0072-1
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    SUSE has released a security update for MozillaFirefox to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Module for Desktop Applications 15-SP1

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0072-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0072-1
  • CVE-2021-21008
    Recently Published

    Adobe Animate arbitrary code execution vulnerability (ASPB21-03)

    Severity
    Urgent5
    Qualys ID
    374836
    Date Published
    January 14, 2021
    Vendor Reference
    ASPB21-03
    CVE Reference
    CVE-2021-21008
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    Adobe has released an update for Adobe Animate that resolves an arbitrary code execution vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

    Affected versions:
    Adobe Animate 21.0 and earlier versions.

    QID detection logic:
    QID checks for the file Animate.exe in Windows HKLM.

    Consequence
    Successful exploitation could allow an attacker to execute arbitrary code in the context of the current user.
    Solution
    The vendor, Adobe, has released a patch to fix this vulnerability. Refer to APSB21-03.
    Patches
    ASPB21-03
  • CVE-2021-1652+
    Recently Published

    Microsoft Windows Security Update for January 2021

    Severity
    Urgent5
    Qualys ID
    91724
    Date Published
    January 13, 2021
    Vendor Reference
    KB4598229, KB4598230, KB4598231, KB4598242, KB4598243, KB4598245, KB4598275, KB4598278, KB4598279, KB4598285, KB4598287, KB4598288, KB4598289, KB4598297
    CVE Reference
    CVE-2021-1652, CVE-2021-1653, CVE-2021-1650, CVE-2021-1637, CVE-2021-1656, CVE-2021-1657, CVE-2021-1654, CVE-2021-1655, CVE-2021-1658, CVE-2021-1659, CVE-2021-1638, CVE-2021-1651, CVE-2021-1663, CVE-2021-1645, CVE-2021-1696, CVE-2021-1683, CVE-2021-1679, CVE-2021-1703, CVE-2021-1685, CVE-2021-1684, CVE-2021-1687, CVE-2021-1686, CVE-2021-1681, CVE-2021-1680, CVE-2021-1669, CVE-2021-1668, CVE-2021-1667, CVE-2021-1666, CVE-2021-1665, CVE-2021-1664, CVE-2021-1710, CVE-2021-1688, CVE-2021-1661, CVE-2021-1660, CVE-2021-1704, CVE-2021-1706, CVE-2021-1642, CVE-2021-1700, CVE-2021-1701, CVE-2021-1702, CVE-2021-1646, CVE-2021-1649, CVE-2021-1648, CVE-2021-1682, CVE-2021-1708, CVE-2021-1709, CVE-2021-1689, CVE-2021-1662, CVE-2021-1678, CVE-2021-1697, CVE-2021-1694, CVE-2021-1695, CVE-2021-1692, CVE-2021-1693, CVE-2021-1690, CVE-2021-1691, CVE-2021-1670, CVE-2021-1671, CVE-2021-1672, CVE-2021-1673, CVE-2021-1674, CVE-2021-1676, CVE-2021-1699
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Microsoft has released the security update for Windows for January 2021.

    The KB Articles associated with the update:
    KB4598288
    KB4598287
    KB4598243
    KB4598278
    KB4598275
    KB4598242
    KB4598285
    KB4598229
    KB4598245
    KB4598230
    KB4598297
    KB4598231
    KB4598279
    KB4598289

    This QID checks for the file version of ntoskrnl.exe

    The following versions of ntoskrnl.exe with their corresponding KBs are verified:
    KB4598288 - 6.0.6003.21026
    KB4598287 - 6.0.6003.21026
    KB4598243 - 10.0.14393.4169
    KB4598278 - 6.2.9200.23246
    KB4598275 - 6.3.9600.19913
    KB4598242 - 10.0.19041.746
    KB4598285 - 6.3.9600.19913
    KB4598229 - 10.0.18362.1316
    KB4598245 - 10.0.17134.1967
    KB4598230 - 10.0.17763.1697
    KB4598297 - 6.2.9200.23246
    KB4598231 - 10.0.10240.18818
    KB4598279 - 6.1.7601.24564
    KB4598289 - 6.1.7601.24564

    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to the Security Update Guide for more information pertaining to these vulnerabilities.

    Patches
    Windows Microsoft Security Update Guide
  • CVE-2021-1647
    Recently Published

    Microsoft Defender Remote Code Execution Vulnerability January 2021

    Severity
    Urgent5
    Qualys ID
    91722
    Date Published
    January 13, 2021
    Vendor Reference
    CVE-2021-1647
    CVE Reference
    CVE-2021-1647
    CVSS Scores
    Base 7.8 / Temporal 7
    Description
    Microsoft Defender is prone to a remote code execution vulnerability.

    Affected Software:
    Microsoft System Center 2012 Endpoint Protection
    Microsoft Security Essentials
    Microsoft System Center 2012 R2 Endpoint Protection
    Microsoft System Center Endpoint Protection
    Windows Defender

    QID Detection Logic (Authenticated):
    Detection checks for mpengine.dll file version less than 1.1.17700.4

    Consequence
    Successful exploitation allows remote code execution and compromise of the system.
    Solution
    Users are advised to check CVE-2021-1647 for more information.

    Patches
    CVE-2021-1647
  • CVE-2021-21106+
    Recently Published

    Microsoft Edge Based On Chromium Prior to 87.0.664.75 Multiple Vulnerabilities (ADV200002)

    Severity
    Critical4
    Qualys ID
    374833
    Date Published
    January 13, 2021
    Vendor Reference
    ADV200002
    CVE Reference
    CVE-2021-21106, CVE-2021-21107, CVE-2021-21108, CVE-2021-21109, CVE-2021-21110, CVE-2021-21111, CVE-2021-21112, CVE-2021-21113, CVE-2021-21114, CVE-2021-21115, CVE-2021-21116, CVE-2020-16043, CVE-2020-15995
    CVSS Scores
    Base 9.6 / Temporal 8.3
    Description
    Microsoft Edge based on Chromium is affected by the following vulnerabilities:

    Affected Version:
    Microsoft Edge based on Chromium Prior to version 87.0.664.75

    QID Detection Logic: (authenticated)
    Operating System: Windows
    The install path is checked via registry "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command". The version is checked via file msedge.exe.

    QID Detection Logic: (authenticated)
    Operating System: MacOS
    The QID checks for a vulnerable version of Microsoft Edge in the installed application list.

    Consequence
    Successful exploitation of this vulnerability affects confidentiality, integrity and availability.

    Solution
    Customers are advised to upgrade to version 87.0.664.75 or later.
    For further details, refer to ADV200002.
    Patches
    ADV200002
  • CVE-2021-21106+
    Recently Published

    Google Chrome Prior To 87.0.4280.141 Multiple Vulnerabilities

    Severity
    Critical4
    Qualys ID
    374832
    Date Published
    January 13, 2021
    Vendor Reference
    87.0.4280.141
    CVE Reference
    CVE-2021-21106, CVE-2021-21107, CVE-2021-21108, CVE-2021-21109, CVE-2021-21110, CVE-2021-21111, CVE-2021-21112, CVE-2021-21113, CVE-2020-16043, CVE-2021-21114, CVE-2020-15995, CVE-2021-21115, CVE-2021-21116
    CVSS Scores
    Base 9.6 / Temporal 8.6
    Description
    Google Chrome is a web browser for multiple platforms developed by Google.

    Google Chrome is affected by the following vulnerabilities:
    CVE-2021-21106: Use after free in autofill.
    CVE-2021-21107: Use after free in drag and drop.
    CVE-2021-21108: Use after free in media.
    CVE-2021-21109: Use after free in payments.
    CVE-2021-21110: Use after free in safe browsing.
    CVE-2021-21111: Insufficient policy enforcement in WebUI.
    CVE-2021-21112: Use after free in Blink.
    CVE-2021-21113: Heap buffer overflow in Skia.
    CVE-2020-16043: Insufficient data validation in networking.
    CVE-2021-21114: Use after free in audio.
    CVE-2020-15995: Out of bounds write in V8.
    CVE-2021-21115: Use after free in safe browsing.
    CVE-2021-21116: Heap buffer overflow in audio.

    Affected Versions:
    Google Chrome Prior to 87.0.4280.141.

    QID Detection Logic(Authenticated):
    This QID checks for vulnerable versions of Google Chrome on Windows, macOS and Linux.

    Consequence
    Successful exploitation of these vulnerabilities could affect Confidentiality, Integrity and Availability.

    Solution
    Customers are advised to upgrade to the latest version, 87.0.4280.141.
    For further details, refer to Google Chrome 87.0.4280.141.
    Patches
    Google Chrome
  • CVE-2021-1636
    Recently Published

    Microsoft SQL Server Elevation of Privilege Vulnerability - January 2021

    Severity
    Critical4
    Qualys ID
    91721
    Date Published
    January 13, 2021
    Vendor Reference
    KB4583456, KB4583457, KB4583458, KB4583459, KB4583460, KB4583461, KB4583462, KB4583463, KB4583465
    CVE Reference
    CVE-2021-1636
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Microsoft SQL Server is prone to an elevation of privilege vulnerability.

    Affected Software:
    SQL Server 2019 RTM (GDR,CU8)
    SQL Server 2017 RTM (GDR,CU22)
    SQL Server 2016 Service Pack 2 (CU15,GDR)
    SQL Server 2014 Service Pack 3 (GDR, CU4)
    SQL Server 2012 Service Pack 4 (QFE)

    QID Detection Logic (Authenticated):
    Detection looks for Microsoft SQL Server instances and checks sqlservr.exe file version

    Consequence
    An authenticated attacker can send data over a network to an affected SQL Server when configured to run an Extended Event session.
    Solution
    Customers are advised to refer to CVE-2021-1636 for more details pertaining to this vulnerability.
    Patches
    Microsoft SQL Server(CVE-2021-1636)
  • CVE-2021-1719+
    Recently Published

    Microsoft SharePoint Enterprise Server Multiple Vulnerabilities January 2021

    Severity
    Critical4
    Qualys ID
    110371
    Date Published
    January 13, 2021
    Vendor Reference
    KB4486683, KB4486724, KB4486736, KB4493161, KB4493162, KB4493163, KB4493167, KB4493175, KB4493178, KB4493187
    CVE Reference
    CVE-2021-1719, CVE-2021-1717, CVE-2021-1716, CVE-2021-1712, CVE-2021-1718, CVE-2021-1715, CVE-2021-1714, CVE-2021-1707, CVE-2021-1641
    CVSS Scores
    Base 8 / Temporal 7
    Description
    Microsoft has released January 2021 security updates to fix multiple security vulnerabilities.

    This security update contains the following KBs:

    KB4493162
    KB4493163
    KB4493175
    KB4493178
    KB4493161
    KB4486683
    KB4493167
    KB4493187
    KB4486736
    KB4486724

    QID Detection Logic:
    This authenticated QID compares the file versions from the above Microsoft KB articles with the versions on the affected SharePoint system.

    Consequence
    Successful exploitation allows an attacker to execute code remotely.

    Solution
    Refer to Microsoft Security Guidance for more details pertaining to this vulnerability.

    Patches
    Microsoft Office and Microsoft Office Services and Web Apps Security Update January 2021
  • CVE-2021-1643+
    Recently Published

    Microsoft Windows Codecs Library Remote Code Execution Vulnerabilities - January 2021

    Severity
    Critical4
    Qualys ID
    91726
    Date Published
    January 13, 2021
    Vendor Reference
    CVE-2021-1643, CVE-2021-1644
    CVE Reference
    CVE-2021-1643, CVE-2021-1644
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Multiple security vulnerabilities exist in Microsoft Windows Codecs Library.

    Affected Product:
    HEVCVideoExtension prior to 1.0.33242.0

    QID Detection Logic:
    Detection gets the version of HEVCVideoExtension by querying the WMI class Win32_InstalledStoreProgram.

    Consequence
    An attacker who successfully exploited the vulnerability could execute arbitrary code.

    Solution
    Users are advised to check CVE-2021-1643 and CVE-2021-1644.
    Patches
    Microsoft Security Update Guide
  • CVE-2021-1716+
    Recently Published

    Microsoft Office and Microsoft Office Services and Web Apps Security Update January 2021

    Severity
    Critical4
    Qualys ID
    110370
    Date Published
    January 13, 2021
    Vendor Reference
    KB4486755, KB4486759, KB4486762, KB4486764, KB4493142, KB4493143, KB4493145, KB4493156, KB4493160, KB4493165, KB4493168, KB4493171, KB4493176, KB4493181, KB4493186
    CVE Reference
    CVE-2021-1716, CVE-2021-1711, CVE-2021-1715, CVE-2021-1713, CVE-2021-1714
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Microsoft has released January 2021 security updates to fix multiple security vulnerabilities.

    This security update contains the following KBs:
    KB4493171
    KB4486764
    KB4493145
    KB4493142
    KB4493156
    KB4493160
    KB4486759
    KB4493181
    KB4493176
    KB4493186
    KB4493168
    KB4493165
    KB4486762
    KB4493143
    KB4486755

    QID Detection Logic:
    This authenticated QID compares the file versions from the Microsoft advisory with the versions on the affected Office system.

    Note: Office click-2-run and Office 365 installations need to be updated manually or need to be set to automatic update. There is no direct download for the patch.

    Consequence
    Successful exploitation allows an attacker to execute code remotely.

    Solution
    Refer to Microsoft Security Guide for more details pertaining to this vulnerability.

    Patches
    Microsoft Office and Microsoft Office Services and Web Apps Security Update January 2021
  • CVE-2021-1691+
    Under Investigation

    Test Only- Microsoft Windows Security Update for Windows Hyper-V Server

    Severity
    Critical4
    Qualys ID
    91713
    CVE Reference
    CVE-2021-1691, CVE-2021-1692, CVE-2021-1704
    CVSS Scores
    Base 7.7 / Temporal 6.7
    Description
    Hyper-V is a hypervisor-based technology.

    Microsoft Hyper-V is prone to the following vulnerabilities:
    CVE-2021-1691 - Hyper-V Denial of Service Vulnerability
    CVE-2021-1692 - Hyper-V Denial of Service Vulnerability
    CVE-2021-1704 - Windows Hyper-V Elevation of Privilege Vulnerability

    This security update is rated Important for all supported editions of Windows.

    Consequence
    N/A
    Solution
    N/A
    Patches
    Windows 10 Version 1909 for x64-based Systems KB4598229, Windows Server, version 1909 (Server Core installation) KB4598229, Windows 10 Version 1909 for x64-based Systems KB4598229 (Security Update), Windows Server, version 1909 (Server Core installation) KB4598229 (Security Update), Windows 10 Version 1809 for x64-based Systems KB4598230 (Security Update), Windows Server 2019 KB4598230 (Security Update), Windows Server 2019 (Server Core installation) KB4598230 (Security Update), Windows 10 for x64-based Systems KB4598231, Windows 10 for x64-based Systems KB4598231 (Security Update), Windows 10 Version 2004 for x64-based Systems KB4598242, Windows Server, version 2004 (Server Core installation) KB4598242, Windows Server, version 20H2 (Server Core Installation) KB4598242, Windows 10 Version 20H2 for x64-based Systems KB4598242, Windows 10 Version 2004 for x64-based Systems KB4598242 (Security Update), Windows 10 Version 20H2 for x64-based Systems KB4598242 (Security Update), Windows Server, version 2004 (Server Core installation) KB4598242 (Security Update), Windows Server, version 20H2 (Server Core Installation) KB4598242 (Security Update), Windows 10 Version 1607 for x64-based Systems KB4598243, Windows 10 Version 1607 for x64-based Systems KB4598243 (Security Update), Windows Server 2016 KB4598243 (Security Update), Windows Server 2016 (Server Core installation) KB4598243 (Security Update), Windows 10 Version 1803 for x64-based Systems KB4598245 (Security Update), Windows 8.1 for x64-based systems KB4598275 (Security Only), Windows Server 2012 R2 KB4598275 (Security Only), Windows Server 2012 R2 (Server Core installation) KB4598275 (Security Only), Windows Server 2012 KB4598278 (Monthly Rollup), Windows Server 2012 (Server Core installation) KB4598278 (Monthly Rollup), Windows 7 for x64-based Systems Service Pack 1 KB4598279 (Monthly Rollup), Windows Server 2008 R2 for x64-based Systems Service Pack 1 KB4598279 (Monthly Rollup), Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) KB4598279 (Monthly Rollup), Windows 8.1 for x64-based systems KB4598285 (Monthly Rollup), Windows Server 2012 R2 KB4598285 (Monthly Rollup), Windows Server 2012 R2 (Server Core installation) KB4598285 (Monthly Rollup), Windows Server 2008 for x64-based Systems Service Pack 2 KB4598287 (Security Only), Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) KB4598287 (Security Only), Windows Server 2008 for x64-based Systems Service Pack 2 KB4598288 (Monthly Rollup), Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) KB4598288 (Monthly Rollup), Windows 7 for x64-based Systems Service Pack 1 KB4598289 (Security Only), Windows Server 2008 R2 for x64-based Systems Service Pack 1 KB4598289 (Security Only), Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) KB4598289 (Security Only), Windows Server 2012 KB4598297 (Security Only), Windows Server 2012 (Server Core installation) KB4598297 (Security Only)
  • CVE-2021-21010
    Recently Published

    Adobe InCopy Arbitrary Code Execution Vulnerability (APSB21-05)

    Severity
    Critical4
    Qualys ID
    374839
    Date Published
    January 13, 2021
    Vendor Reference
    APSB21-05
    CVE Reference
    CVE-2021-21010
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    Adobe InCopy is a professional word processor made by Adobe.

    Adobe InCopy is affected by an arbitrary code execution vulnerability.

    Affected Versions:
    Adobe InCopy 15.1.3 and earlier versions

    QID Detection Logic (Authenticated):
    This checks for vulnerable versions of InCopy.

    Consequence
    Successful exploitation could lead to arbitrary code execution in the context of the current user.

    Solution
    The vendor has released updates to fix the vulnerabilities. Please refer to Adobe advisory APSB21-05 for details.
    Patches
    APSB21-05
  • In Development

    EOL/Obsolete Software: Wireshark 1.6 Detected

    Severity
    Urgent5
    Qualys ID
    105953
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 9 / Temporal 8.2
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 1.6 has been detected on the host. Support for Wireshark 1.6 ended on June 7, 2013. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is most susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 1.10 Detected

    Severity
    Urgent5
    Qualys ID
    105952
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 9 / Temporal 8.2
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 1.10 has been detected on the host. Support for Wireshark 1.10 ended on June 5, 2015. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is most susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 2.0 Detected

    Severity
    Urgent5
    Qualys ID
    105950
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 9 / Temporal 8.2
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 2.0 has been detected on the host. Support for Wireshark 2.0 ended on November 18, 2017. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is most susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 2.6 Detected

    Severity
    Urgent5
    Qualys ID
    105947
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 9 / Temporal 8.2
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 2.6 has been detected on the host. Support for Wireshark 2.6 ended on October 18, 2020. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is highly susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 1.0 Detected

    Severity
    Urgent5
    Qualys ID
    105956
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 8.1 / Temporal 7.4
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 1.0 has been detected on the host. Support for Wireshark 1.0 ended on September 30, 2010. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is highly susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 1.2 Detected

    Severity
    Urgent5
    Qualys ID
    105955
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 8.1 / Temporal 7.4
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 1.2 has been detected on the host. Support for Wireshark 1.2 ended on June 30, 2011. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is highly susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 1.4 Detected

    Severity
    Urgent5
    Qualys ID
    105954
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 8.1 / Temporal 7.4
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 1.4 has been detected on the host. Support for Wireshark 1.4 ended on August 30, 2012. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is highly susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 1.12 Detected

    Severity
    Urgent5
    Qualys ID
    105951
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 8.1 / Temporal 7.4
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 1.12 has been detected on the host. Support for Wireshark 1.12 ended on July 31, 2016. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is highly susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 2.2 Detected

    Severity
    Urgent5
    Qualys ID
    105949
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 8.1 / Temporal 7.4
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 2.2 has been detected on the host. Support for Wireshark 2.2 ended on September 7, 2018. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is highly susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 2.4 Detected

    Severity
    Urgent5
    Qualys ID
    105948
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 10 / Temporal 9.1
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 2.4 has been detected on the host. Support for Wireshark 2.4 ended on October 18, 2020. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is highly susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • In Development

    EOL/Obsolete Software: Wireshark 3.0 Detected

    Severity
    Urgent5
    Qualys ID
    105946
    Date Published
    January 15, 2021
    Vendor Reference
    End Of Life
    CVSS Scores
    Base 10 / Temporal 9.1
    Description
    Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

    Wireshark 3.0 has been detected on the host. Support for Wireshark 3.0 ended on August 28, 2020. Since there will be no further bug fixes or security updates for this version of Wireshark, it is highly recommended that you migrate to a newer supported version.

    Consequence
    Since the vendor no longer provides software updates, this version is highly susceptible to security vulnerabilities. Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute arbitrary code or cause a denial of service on the targeted system.

    Solution
    Customers are advised to upgrade to the latest supported stable Wireshark version.
  • CVE-2020-8265+
    In Development

    Debian Security Update for nodejs (DSA 4826-1)

    Severity
    Critical4
    Qualys ID
    178317
    Vendor Reference
    DSA 4826-1
    CVE Reference
    CVE-2020-8265, CVE-2020-8287
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Debian has released a security update for nodejs to fix the vulnerabilities.
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4826-1 for patching details.
    Patches
    Debian DSA 4826-1
  • CVE-2019-2938+
    Recently Published

    Red Hat Update for mariadb:10.3 (RHSA-2020:5654)

    Severity
    Critical4
    Qualys ID
    238982
    Date Published
    January 14, 2021
    Vendor Reference
    RHSA-2020:5654
    CVE Reference
    CVE-2019-2938, CVE-2019-2974, CVE-2020-2574, CVE-2020-2752, CVE-2020-2760, CVE-2020-2780, CVE-2020-2812, CVE-2020-2814, CVE-2020-13249, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789, CVE-2020-14812, CVE-2020-15180
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.27), galera (25.3.31). (BZ#1899083, BZ#1899087)

    Security Fix(es):
    mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep (CVE-2020-15180)
    mysql: InnoDB unspecified vulnerability (CPU Oct 2019) (CVE-2019-2938)
    mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) (CVE-2019-2974)
    mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2752)
    mysql: InnoDB unspecified vulnerability (CPU Apr 2020) (CVE-2020-2760)
    mysql: Server: DML unspecified vulnerability (CPU Apr 2020) (CVE-2020-2780)
    mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020) (CVE-2020-2812)
    mysql: InnoDB unspecified vulnerability (CPU Apr 2020) (CVE-2020-2814)
    mariadb-connector-c: Improper validation of content in an OK packet received from server (CVE-2020-13249)
    mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) (CVE-2020-14765)
    mysql: InnoDB unspecified vulnerability (CPU Oct 2020) (CVE-2020-14776)
    mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) (CVE-2020-14789)
    mysql: Server: Locking unspecified vulnerability (CPU Oct 2020) (CVE-2020-14812)
    mysql: C API unspecified vulnerability (CPU Jan 2020) (CVE-2020-2574)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2020:5654 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2020:5654
  • CVE-2019-2938+
    Recently Published

    Red Hat Update for mariadb:10.3 (RHSA-2020:5665)

    Severity
    Critical4
    Qualys ID
    238978
    Date Published
    January 14, 2021
    Vendor Reference
    RHSA-2020:5665
    CVE Reference
    CVE-2019-2938, CVE-2019-2974, CVE-2020-2574, CVE-2020-2752, CVE-2020-2760, CVE-2020-2780, CVE-2020-2812, CVE-2020-2814, CVE-2020-13249, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789, CVE-2020-14812, CVE-2020-15180
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.27), galera (25.3.31). (BZ#1899084, BZ#1899088)

    Security Fix(es):
    mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep (CVE-2020-15180)
    mysql: InnoDB unspecified vulnerability (CPU Oct 2019) (CVE-2019-2938)
    mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) (CVE-2019-2974)
    mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2752)
    mysql: InnoDB unspecified vulnerability (CPU Apr 2020) (CVE-2020-2760)
    mysql: Server: DML unspecified vulnerability (CPU Apr 2020) (CVE-2020-2780)
    mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020) (CVE-2020-2812)
    mysql: InnoDB unspecified vulnerability (CPU Apr 2020) (CVE-2020-2814)
    mariadb-connector-c: Improper validation of content in an OK packet received from server (CVE-2020-13249)
    mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) (CVE-2020-14765)
    mysql: InnoDB unspecified vulnerability (CPU Oct 2020) (CVE-2020-14776)
    mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) (CVE-2020-14789)
    mysql: Server: Locking unspecified vulnerability (CPU Oct 2020) (CVE-2020-14812)
    mysql: C API unspecified vulnerability (CPU Jan 2020) (CVE-2020-2574)

    Affected Products:

    Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
    Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
    Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
    Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2020:5665 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2020:5665
  • CVE-2020-27846
    Recently Published

    Fedora Security Update for grafana (FEDORA-2020-968067abfa)

    Severity
    Urgent5
    Qualys ID
    280637
    Date Published
    January 13, 2021
    Vendor Reference
    FEDORA-2020-968067abfa Fedora 32
    CVE Reference
    CVE-2020-27846
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Fedora has released a security update for grafana to fix the vulnerability.

    Affected OS:
    Fedora 32

    Consequence
    This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system.
    Solution
    Fedora has issued updated packages to fix this vulnerability.

    For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
    Fedora 32 Update

    Patches
    Fedora 32 FEDORA-2020-968067abfa
  • CVE-2020-29600+
    Recently Published

    Fedora Security Update for awstats (FEDORA-2020-d1aa0e030c)

    Severity
    Critical4
    Qualys ID
    280631
    Date Published
    January 13, 2021
    Vendor Reference
    FEDORA-2020-d1aa0e030c Fedora 32
    CVE Reference
    CVE-2020-29600, CVE-2020-35176
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Fedora has released a security update for awstats to fix the vulnerability.

    Affected OS:
    Fedora 32

    Consequence
    This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Fedora has issued updated packages to fix this vulnerability.

    For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
    Fedora 32 Update

    Patches
    Fedora 32 FEDORA-2020-d1aa0e030c
  • CVE-2020-26870+
    Recently Published

    Microsoft Visual Studio Security Update for January 2021

    Severity
    Critical4
    Qualys ID
    91710
    Date Published
    January 13, 2021
    Vendor Reference
    CVE-2020-26870
    CVE Reference
    CVE-2020-26870, CVE-2021-1723
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Microsoft has released a security update for Visual Studio which resolves multiple security vulnerabilities.

    Affected Software:
    Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
    Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)
    Microsoft Visual Studio 2019 version 16.7 (includes 16.0 - 16.6)
    Microsoft Visual Studio 2019 version 16.0
    Microsoft Visual Studio 2019 version 16.8

    QID Detection Logic: Authenticated
    This QID detects vulnerable versions of Microsoft Visual Studio by checking the file version of devenv.exe.

    Consequence
    Successful exploitation can affect confidentiality, integrity and availability.
    Solution
    Customers are advised to refer to CVE-2020-26870 for more information pertaining to this vulnerability.
    Patches
    Windows CVE-2020-26870
  • CVE-2019-8075+
    In Development

    Debian Security Update for chromium (DSA 4824-1)

    Severity
    Urgent5
    Qualys ID
    178310
    Vendor Reference
    DSA 4824-1
    CVE Reference
    CVE-2019-8075, CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6532, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536, CVE-2020-6537, CVE-2020-6538, CVE-2020-6539, CVE-2020-6540, CVE-2020-6541, CVE-2020-6542, CVE-2020-6543, CVE-2020-6544, CVE-2020-6545, CVE-2020-6546, CVE-2020-6547, CVE-2020-6548, CVE-2020-6549, CVE-2020-6550, CVE-2020-6551, CVE-2020-6552, CVE-2020-6553, CVE-2020-6554, CVE-2020-6555, CVE-2020-6556, CVE-2020-6557, CVE-2020-6558, CVE-2020-6559, CVE-2020-6560, CVE-2020-6561, CVE-2020-6562, CVE-2020-6563, CVE-2020-6564, CVE-2020-6565, CVE-2020-6566, CVE-2020-6567, CVE-2020-6568, CVE-2020-6569, CVE-2020-6570, CVE-2020-6571, CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576, CVE-2020-15959, CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15964, CVE-2020-15965, CVE-2020-15966, CVE-2020-15967, CVE-2020-15968, CVE-2020-15969, CVE-2020-15970, CVE-2020-15971, CVE-2020-15972, CVE-2020-15973, CVE-2020-15974, CVE-2020-15975, CVE-2020-15976, CVE-2020-15977, CVE-2020-15978, CVE-2020-15979, CVE-2020-15980, CVE-2020-15981, CVE-2020-15982, CVE-2020-15983, CVE-2020-15984, CVE-2020-15985, CVE-2020-15986, CVE-2020-15987, CVE-2020-15988, CVE-2020-15989, CVE-2020-15990, CVE-2020-15991, CVE-2020-15992, CVE-2020-15999, CVE-2020-16000, CVE-2020-16001, CVE-2020-16002, CVE-2020-16003, CVE-2020-16004, CVE-2020-16005, CVE-2020-16006, CVE-2020-16007, CVE-2020-16008, CVE-2020-16009, CVE-2020-16011, CVE-2020-16012, CVE-2020-16013, CVE-2020-16014, CVE-2020-16015, CVE-2020-16016, CVE-2020-16017, CVE-2020-16018, CVE-2020-16019, CVE-2020-16020, CVE-2020-16021, CVE-2020-16022, CVE-2020-16023, CVE-2020-16024, CVE-2020-16025, CVE-2020-16026, 
    CVE-2020-16027, CVE-2020-16028, CVE-2020-16029, CVE-2020-16030, CVE-2020-16031, CVE-2020-16032, CVE-2020-16033, CVE-2020-16034, CVE-2020-16035, CVE-2020-16036, CVE-2020-16037, CVE-2020-16038, CVE-2020-16039, CVE-2020-16040, CVE-2020-16041, CVE-2020-16042
    CVSS Scores
    Base 9.6 / Temporal 8.3
    Description
    Debian has released a security update for chromium to fix the vulnerabilities.
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4599-1 for patching details.
    Patches
    Debian DSA 4824-1
  • CVE-2020-16044
    Recently Published

    Mozilla Firefox Multiple Vulnerabilities (MFSA2021-01)

    Severity
    Critical4
    Qualys ID
    374827
    Date Published
    January 13, 2021
    Vendor Reference
    MFSA2021-01
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.

    CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
    Affected Products:
    Prior to Firefox 84.0.2

    QID Detection Logic (Authenticated):
    This checks for vulnerable versions of the Firefox browser.

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    The vendor has released a fix to address these vulnerabilities. Refer to MFSA2021-01.
    Patches
    MAC OS X MFSA2021-01, Windows MFSA2021-01
  • CVE-2020-16044
    Recently Published

    Mozilla Firefox ESR Multiple Vulnerabilities (MFSA2021-01)

    Severity
    Critical4
    Qualys ID
    374826
    Date Published
    January 13, 2021
    Vendor Reference
    MFSA2021-01
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.

    CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
    Affected Products:
    Prior to Firefox ESR 78.6.1

    QID Detection Logic (Authenticated):
    This checks for vulnerable versions of the Firefox browser.

    Consequence
    On successful exploitation it could allow an attacker to execute code.
    Solution
    The vendor has released a fix to address these vulnerabilities. Refer to MFSA2021-01.
    Patches
    MAC OS X MFSA2021-01, Windows MFSA2021-01
  • CVE-2020-14318+
    Recently Published

    Amazon Linux Security Advisory for samba: ALAS2-2021-1585

    Severity
    Urgent5
    Qualys ID
    352177
    Date Published
    January 11, 2021
    Vendor Reference
    ALAS-2021-1585
    CVE Reference
    CVE-2020-14318, CVE-2020-14323, CVE-2020-1472
    CVSS Scores
    Base 10 / Temporal 8.3
    Description
    Issue Overview:

    A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. (CVE-2020-14318)

    A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14323)

    A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administrator privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1585 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 samba (4.10.16-9.amzn2.0.1) on aarch64 ALAS-2021-1585, Amazon Linux 2 samba (4.10.16-9.amzn2.0.1) on i686 ALAS-2021-1585, Amazon Linux 2 samba (4.10.16-9.amzn2.0.1) on noarch ALAS-2021-1585, Amazon Linux 2 samba (4.10.16-9.amzn2.0.1) on src ALAS-2021-1585, Amazon Linux 2 samba (4.10.16-9.amzn2.0.1) on x86_64 ALAS-2021-1585
  • CVE-2020-0452
    Recently Published

    Amazon Linux Security Advisory for libexif: ALAS2-2021-1580

    Severity
    Critical4
    Qualys ID
    352182
    Date Published
    January 11, 2021
    Vendor Reference
    ALAS-2021-1580
    CVE Reference
    CVE-2020-0452
    CVSS Scores
    Base 9.8 / Temporal 7.8
    Description
    Issue Overview:

    A flaw was found in libexif. A possible out-of-bounds write, due to an integer overflow, could lead to remote code execution if a third-party app used this library to process remote image data. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-0452)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1580 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 libexif (0.6.22-2.amzn2) on aarch64 ALAS-2021-1580, Amazon Linux 2 libexif (0.6.22-2.amzn2) on i686 ALAS-2021-1580, Amazon Linux 2 libexif (0.6.22-2.amzn2) on src ALAS-2021-1580, Amazon Linux 2 libexif (0.6.22-2.amzn2) on x86_64 ALAS-2021-1580
  • CVE-2019-20933
    In Development

    Debian Security Update for influxdb (DSA 4823-1)

    Severity
    Critical4
    Qualys ID
    178309
    Vendor Reference
    DSA 4823-1
    CVE Reference
    CVE-2019-20933
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Debian has released a security update for influxdb to fix the vulnerabilities.
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4598-1 for patching details.
    Patches
    Debian DSA 4823-1
  • CVE-2020-16012+
    Recently Published

    Amazon Linux Security Advisory for thunderbird: ALAS2-2021-1586

    Severity
    Critical4
    Qualys ID
    352176
    Date Published
    January 11, 2021
    Vendor Reference
    ALAS-2021-1586
    CVE Reference
    CVE-2020-16012, CVE-2020-16042, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35113
    CVSS Scores
    Base 8.8 / Temporal 7
    Description
    Issue Overview:

    When drawing a transparent image on top of an unknown cross-origin image, the Skia library `drawImage` function took a variable amount of time depending on the content of the underlying image. This resulted in potential cross-origin information exposure of image content through timing side-channel attacks. (CVE-2020-16012)

    The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read. (CVE-2020-16042)

    A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26951)

    It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26953)

    In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26956)

    Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26958)

    During browser shutdown, reference decrementing could have occurred on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26959)

    If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26960)

    When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding attack. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. (CVE-2020-26961)

    Some websites have a feature "Show Password" where clicking a button will change a password field into a textbox field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1586 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 thunderbird (78.6.0-1.amzn2) on aarch64 ALAS-2021-1586, Amazon Linux 2 thunderbird (78.6.0-1.amzn2) on src ALAS-2021-1586, Amazon Linux 2 thunderbird (78.6.0-1.amzn2) on x86_64 ALAS-2021-1586
  • CVE-2020-15862
    Recently Published

    Amazon Linux Security Advisory for net-snmp: ALAS2-2021-1582

    Severity
    Critical4
    Qualys ID
    352180
    Date Published
    January 11, 2021
    Vendor Reference
    ALAS-2021-1582
    CVE Reference
    CVE-2020-15862
    CVSS Scores
    Base 7.8 / Temporal 6.3
    Description
    Issue Overview:

    A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs because SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-15862)
    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1582 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 net-snmp (5.7.2-49.amzn2.1) on aarch64 ALAS-2021-1582, Amazon Linux 2 net-snmp (5.7.2-49.amzn2.1) on i686 ALAS-2021-1582, Amazon Linux 2 net-snmp (5.7.2-49.amzn2.1) on src ALAS-2021-1582, Amazon Linux 2 net-snmp (5.7.2-49.amzn2.1) on x86_64 ALAS-2021-1582
  • CVE-2020-8201+
    Recently Published

    Amazon Linux Security Advisory for libuv: ALAS2-2021-1581

    Severity
    Critical4
    Qualys ID
    352181
    Date Published
    January 11, 2021
    Vendor Reference
    ALAS-2021-1581
    CVE Reference
    CVE-2020-8201, CVE-2020-8251
    CVSS Scores
    Base 7.5 / Temporal 6
    Description
    Issue Overview:

    Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and carry out a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in the processing of carriage-return symbols in HTTP header names. (CVE-2020-8201)

    A flaw was found in Node.js 14.x, in versions before 14.11, where it is vulnerable to a denial of service caused by delayed requests. When used as an edge server, this flaw allows an attacker to initiate a large number of HTTP requests, causing resource exhaustion and leaving the service unable to accept new connections. The highest threat from this vulnerability is to system availability. (CVE-2020-8251)

    Consequence
    Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
    Solution
    Please refer to Amazon advisory ALAS-2021-1581 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 libuv (1.39.0-1.amzn2) on aarch64 ALAS-2021-1581, Amazon Linux 2 libuv (1.39.0-1.amzn2) on i686 ALAS-2021-1581, Amazon Linux 2 libuv (1.39.0-1.amzn2) on src ALAS-2021-1581, Amazon Linux 2 libuv (1.39.0-1.amzn2) on x86_64 ALAS-2021-1581
  • CVE-2020-16044
    In Development

    Debian Security Update for firefox-esr (DSA 4827-1)

    Severity
    Critical4
    Qualys ID
    178314
    Vendor Reference
    DSA 4827-1
    CVE Reference
    CVE-2020-16044
    CVSS Scores
    Base / Temporal
    Description
    Debian has released a security update for firefox-esr to fix the vulnerabilities.
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4827-1 for patching details.
    Patches
    Debian DSA 4827-1
  • In Development

    Debian Security Update for minidlna (DSA 4806-2)

    Severity
    Critical4
    Qualys ID
    178313
    Vendor Reference
    DSA 4601-1
    CVSS Scores
    Base 7.3 / Temporal 6.4
    Description
    Debian has released a security update for minidlna to fix the vulnerabilities.
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    Refer to Debian security advisory DSA 4806-2 for patching details.
    Patches
    Debian DSA 4806-2
  • CVE-2020-16881
    Recently Published

    Visual Studio Code JSON Remote Code Execution Vulnerability

    Severity
    Critical4
    Qualys ID
    374823
    Date Published
    January 11, 2021
    Vendor Reference
    CVE-2020-16881
    CVE Reference
    CVE-2020-16881
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Visual Studio Code is a lightweight but powerful source code editor which runs on your desktop and is available for Windows, macOS and Linux.

    A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file, aka 'Visual Studio JSON Remote Code Execution Vulnerability'.

    Affected Versions:
    Visual Studio Code prior to version 1.48.2

    QID Detection Logic (Authenticated):
    This QID checks for vulnerable versions of Visual Studio Code.

    Consequence
    A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user.
    Solution
    Please refer to Microsoft advisory for Visual Studio Code for more details.
    Patches
    Linux CVE-2020-16881, Windows CVE-2020-16881
  • CVE-2020-12100+
    Recently Published

    SUSE Enterprise Linux Security Update for dovecot23 (SUSE-SU-2021:0029-1)

    Severity
    Critical4
    Qualys ID
    174512
    Date Published
    January 7, 2021
    Vendor Reference
    SUSE-SU-2021:0029-1
    CVE Reference
    CVE-2020-12100, CVE-2020-24386, CVE-2020-25275
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    SUSE has released a security update for dovecot23 to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Server for SAP 15

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0029-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0029-1
  • CVE-2020-24386
    Recently Published

    SUSE Enterprise Linux Security Update for dovecot22 (SUSE-SU-2021:0018-1)

    Severity
    Critical4
    Qualys ID
    174508
    Date Published
    January 6, 2021
    Vendor Reference
    SUSE-SU-2021:0018-1
    CVE Reference
    CVE-2020-24386
    CVSS Scores
    Base 6.8 / Temporal 5.9
    Description
    SUSE has released a security update for dovecot22 to fix the vulnerabilities.

    Affected Products:
    SUSE Linux Enterprise Software Development Kit 12-SP5
    SUSE Linux Enterprise Server for SAP 12-SP4
    SUSE Linux Enterprise Server for SAP 12-SP3
    SUSE Linux Enterprise Server for SAP 12-SP2
    SUSE Linux Enterprise Server 12-SP5

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory SUSE-SU-2021:0018-1 to address this issue and obtain further details.

    Patches
    SUSE Enterprise Linux SUSE-SU-2021:0018-1
  • CVE-2020-28360
    Recently Published

    NPM Private-IP Package Server Side Request Forgery bypass Vulnerability

    Severity
    Critical4
    Qualys ID
    374820
    Date Published
    January 6, 2021
    Vendor Reference
    npm
    CVE Reference
    CVE-2020-28360
    CVSS Scores
    Base 9.8 / Temporal 8.8
    Description
    npm is a package manager for the JavaScript programming language. It is the default package manager for the JavaScript runtime environment Node.js.

    Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF.
    Affected versions:
    private-ip including and prior to 1.0.5

    QID Detection Logic (Authenticated):
    It runs the command npm list | grep 'private-ip' to check the Private-IP package version.

    Consequence
    Successful exploitation of this vulnerability allows remote attackers to request server-side resources or potentially execute arbitrary code through various SSRF techniques.
    Solution
    Customers are advised to update the Private-IP package to 2.0.0 or later. Please refer to the vendor advisory link: NPM
    Patches
    NPM
  • CVE-2020-8752+
    Recently Published

    Intel Active Management Technology, Intel Standard Manageability Multiple Vulnerabilities (INTEL-SA-00391)

    Severity
    Critical4
    Qualys ID
    38824
    Date Published
    January 11, 2021
    Vendor Reference
    intel-sa-00391
    CVE Reference
    CVE-2020-8752, CVE-2020-8753, CVE-2020-8757, CVE-2020-8760, CVE-2020-8747, CVE-2020-12356, CVE-2020-8746, CVE-2020-8749, CVE-2020-8754
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Potential security vulnerabilities in Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM) may allow escalation of privilege, denial of service or information disclosure.

    Affected Versions:
    Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45
    QID Detection Logic (Un-authenticated):
    Intel AMT and ISM, when enabled, expose their version remotely on TCP ports 16992 and 16993. This QID matches vulnerable versions based on the exposed information.

    Consequence
    Successful exploitation may allow an unauthenticated user to potentially enable escalation of privilege via network access.

    Solution
    The vendor has released an updated firmware to fix the vulnerability. Please refer to Intel advisory INTEL-SA-00391 for details.
    Patches
    INTEL-SA-00391
  • CVE-2018-1126
    Recently Published

    F5 BIG-IP ASM, LTM, APM procps-ng Integer Overflow Vulnerability (K83271321)

    Severity
    Critical4
    Qualys ID
    374815
    Date Published
    January 5, 2021
    Vendor Reference
    K83271321
    CVE Reference
    CVE-2018-1126
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
    F5 BIG-IP Local Traffic Manager (LTM) is the most popular module offered on the F5 Networks BIG-IP platform. The real power of the LTM is that it is a full proxy, allowing you to augment client- and server-side connections while making informed load-balancing decisions based on availability, performance, and persistence.
    F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.

    procps-ng is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

    Vulnerable Component: BIG-IP ASM, APM, LTM

    Affected Versions:
    13.1.0 - 13.1.3
    12.1.0 - 12.1.5
    11.6.1 - 11.6.5

    QID Detection Logic (Authenticated):
    This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

    Consequence
    A local attacker may be able to cause an integer overflow that negatively impacts applications.
    Solution
    The vendor has released any patch, for more information please visit: K83271321
    Patches
    K83271321
  • CVE-2017-10672
    Recently Published

    EulerOS Security Update for perl-XML-LibXML (EulerOS-SA-2020-2383)

    Severity
    Critical4
    Qualys ID
    374801
    Date Published
    January 5, 2021
    Vendor Reference
    EulerOS-SA-2020-2383
    CVE Reference
    CVE-2017-10672
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Euler has released a security update for perl-XML-LibXML to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP2

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit EulerOS-SA-2020-2383
    Patches
    EulerOS-SA-2020-2383
  • CVE-2020-27153
    Recently Published

    EulerOS Security Update for bluez (EulerOS-SA-2020-2507)

    Severity
    Critical4
    Qualys ID
    374807
    Date Published
    January 5, 2021
    Vendor Reference
    EulerOS-SA-2020-2507
    CVE Reference
    CVE-2020-27153
    CVSS Scores
    Base 8.6 / Temporal 7.5
    Description
    Euler has released a security update for bluez to fix the vulnerabilities.

    Affected OS: EulerOS V2.0SP8

    Consequence
    An arbitrary attacker may exploit this vulnerability to compromise the system.
    Solution
    The vendor has released a security update to fix the vulnerability. For more information, please visit EulerOS-SA-2020-2507
    Patches
    EulerOS-SA-2020-2507
  • CVE-2020-29583
    Recently Published

    Zyxel Firewalls And AP Controller Hardcoded Credential Vulnerability

    Severity
    Critical4
    Qualys ID
    374803
    Date Published
    January 4, 2021
    Vendor Reference
    CVE-2020-29583
    CVE Reference
    CVE-2020-29583
    CVSS Scores
    Base 9.8 / Temporal 8.8
    Description
    Zyxel Communications Corp. is a manufacturer of DSL and other networking devices.

    A hardcoded credential vulnerability was identified in the zyfwp user account in some Zyxel firewalls and AP controllers.

    Affected Versions:
    ATP series running firmware ZLD V4.60
    USG series running firmware ZLD V4.60
    USG FLEX series running firmware ZLD V4.60
    VPN series running firmware ZLD V4.60
    NXC2500
    NXC5500

    QID Detection Logic (Authenticated):
    This QID tries to log in on a target using hardcoded credentials.

    Consequence
    A successful attack can allow an attacker to gain access to the target system.
    Solution
    Customers are advised to update the device firmware.
    For more details, please refer to the advisory here.
    Patches
    CVE-2020-29583