oss-sec: by date

182 messages starting Oct 03 21 and ending Dec 28 21


Sunday, 03 October

Supply Chain Security and Tar Samanta Navarro
CVE-2021-28116 / ZDI-CAN-11610 / SQUID-2020:12 Out-Of-Bounds memory access in WCCPv2 Amos Jeffries

Monday, 04 October

Re: 3 new CVE's in vim Alan Coopersmith
Re: 3 new CVE's in vim Alex Gaynor
Re: 3 new CVE's in vim Alan Coopersmith
Moby (Docker Engine) CVE-2021-41089 Karp, Samuel

Tuesday, 05 October

CVE-2021-41524: Apache HTTP Server: null pointer dereference in h2 fuzzing Stefan Eissing
CVE-2021-41773: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 Stefan Eissing
Fwd: Node.js security updates for all active release lines, October 2021 Matteo Collina
CVE-2021-39226 Grafana snapshot authentication bypass Richard Hartmann
Xen Security Advisory 386 v1 (CVE-2021-28702) - PCI devices with RMRRs not deassigned correctly Xen . org security team

Wednesday, 06 October

Multiple vulnerabilities in Jenkins and Jenkins plugins Wadeck Follonier

Thursday, 07 October

RE: CVE-2021-41773: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 Tim Wadhwa-Brown (twadhwab)
Xen Security Advisory 386 v2 (CVE-2021-28702) - PCI devices with RMRRs not deassigned correctly Xen . org security team
CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file Dave Fisher
CVE-2021-40439: Apache OpenOffice: Billion Laughs Dave Fisher
CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid Dave Fisher
CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Stefan Eissing
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Roman Medina-Heigl Hernandez

Friday, 08 October

Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Yann Ylavic
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Solar Designer
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Yann Ylavic
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Solar Designer
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Yann Ylavic

Saturday, 09 October

Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Roman Medina-Heigl Hernandez

Monday, 11 October

CVE-2021-41830: Apache OpenOffice: Double Certificate Attack Dave Fisher
CVE-2021-41831: Apache OpenOffice: Timestamp Manipulation with Signature Wrapping Dave Fisher
CVE-2021-41832: Apache OpenOffice: Content Manipulation with Certificate Validation Attack Dave Fisher
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Yann Ylavic

Tuesday, 12 October

CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request Eric Friedrich
CVE-2021-38295 Apache CouchDB <= 3.1.1 privilege escalation Jan Lehnardt

Thursday, 14 October

CVE-2021-42340: Apache Tomcat: DoS via memory leak with WebSocket connections Mark Thomas
CVE-2021-42257: check_smart.pl: unprivileged user can alter hard drive settings Wolfgang Frisch
CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up Alon Zahavi

Friday, 15 October

CVE-2021-32609: Apache Superset: XSS vulnerability on Explore page Daniel Gaspar
CVE-2021-41971: Apache Superset: Possible SQL Injection when template processing is enabled Daniel Gaspar
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Roman Medina-Heigl Hernandez
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) Yann Ylavic

Monday, 18 October

Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up halfdog

Tuesday, 19 October

Linux kernel: isdn: cpai: array-index-out-of-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c butt3rflyh4ck
Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up Miklos Szeredi
Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up Thadeu Lima de Souza Cascardo

Wednesday, 20 October

Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up Miklos Szeredi
Core-dump handing issues with suid binaries Itai Greenhut

Thursday, 21 October

CVE-2021-38294: Apache Storm: Shell Command Injection Vulnerability in Nimbus Thrift Server Derek Dagit
CVE-2021-40865: Apache Storm: Unsafe Pre-Authentication Deserialization In Workers Derek Dagit
[kubernetes] CVE-2021-25742: Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces CJ Cullen
Mailman 2.1.35 security release Alan Coopersmith

Monday, 25 October

Linux kernel: powerpc: KVM guest can trigger host crash on Power8 Michael Ellerman
[ES2021-05] FreeSWITCH vulnerable to SIP digest leak for configured gateways Sandro Gauci
[ES2021-08] FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default Sandro Gauci
[ES2021-06] FreeSWITCH susceptible to Denial of Service via SIP flooding Sandro Gauci
[ES2021-09] FreeSWITCH susceptible to Denial of Service via invalid SRTP packets Sandro Gauci
[ES2021-07] FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing Sandro Gauci

Tuesday, 26 October

Re: Linux kernel: powerpc: KVM guest can trigger host crash on Power8 John Paul Adrian Glaubitz
CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object Lin Horse
Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object Solar Designer
Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object Lin Horse
Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object Solar Designer
Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object Thadeu Lima de Souza Cascardo
CVE-2021-21703: PHP-FPM 5.3.7 <= 8.0.12 Local Root Charles Fol
RE: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object Anthony Liguori
WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Carlos Alberto Lopez Perez
Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Salvatore Bonaccorso

Wednesday, 27 October

Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Francis Perron
Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Alberto Garcia
Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Samuel Groß
Re: Linux kernel: powerpc: KVM guest can trigger host crash on Power8 Salvatore Bonaccorso
Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Salvatore Bonaccorso

Thursday, 28 October

Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object Roxana Bradescu
spacewalk-admin: CVE-2021-40348: arbitrary local code execution by 'tomcat' user via rhn-config-satellite.pl Paolo Perego
Re: Linux kernel: powerpc: KVM guest can trigger host crash on Power8 John Paul Adrian Glaubitz
Re: Linux kernel: powerpc: KVM guest can trigger host crash on Power8 John Paul Adrian Glaubitz

Friday, 29 October

CVE website transition from cve.mitre.org to cve.org Alan Coopersmith

Sunday, 31 October

Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 Salvatore Bonaccorso
CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code Pietro Albini

Monday, 01 November

[ANNOUNCE] Apache MINA 2.0.22 & 2.1.5 released Emmanuel Lecharny
CVE-2021-27644: Apache DolphinScheduler: DolphinScheduler mysql jdbc connector parameters deserialize remote code execution Calvin Kirs
Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code Jakub Wilk
Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code Dave Horsfall
Trojan Source Attacks Nicholas Boucher
Re: Trojan Source Attacks Jan Engelhardt
CVE-2021-41973: Apache MINA HTTP listener DOS Emmanuel Lecharny
Re: Trojan Source Attacks Perry E. Metzger
Re: Trojan Source Attacks Santiago Torres
Re: Trojan Source Attacks Jan Engelhardt
Re: Trojan Source Attacks Siddhesh Poyarekar

Tuesday, 02 November

Barrier "software KVM switch" multiple remote security issues Matthias Gerstner
Re: Trojan Source Attacks David A. Wheeler
Re: Trojan Source Attacks Josh Bressers
Re: Trojan Source Attacks David A. Wheeler
Re: Trojan Source Attacks Michael Orlitzky
Re: Trojan Source Attacks Stuart D Gathman
Re: Trojan Source Attacks Stuart D Gathman
Apache Traffic Server is vulnerable to various smuggle, DOS, and validation attacks Bryan Call
Re: Trojan Source Attacks Seth Arnold

Wednesday, 03 November

CVE-2021-41174 Grafana XSS vulnerability Daniel Lee

Thursday, 04 November

Re: Trojan Source Attacks Georgi Guninski
Re: Trojan Source Attacks Leonid Isaev (ifax)
Multiple vulnerabilities in Jenkins and Jenkins plugins Daniel Beck

Friday, 05 November

Re: Linux kernel: isdn: cpai: array-index-out-of-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c butt3rflyh4ck

Tuesday, 09 November

[CVE-2021-43523] Incorrect handling of special characters in domain names in uclibc and uclibc-ng Philipp Jeitner (SIT)

Wednesday, 10 November

Trovent Security Advisory 2105-02 / CVE-2021-33618: Stored cross-site scripting in Dolibarr ERP & CRM Stefan Pietsch
Trovent Security Advisory 2106-01 / CVE-2021-33816: Authenticated remote code execution in Dolibarr ERP & CRM Stefan Pietsch
Fwd: Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download Solar Designer

Thursday, 11 November

CVE-2021-26558: Apache ShardingSphere-UI: Deserialization of Untrusted Data Juan Pan
CVE-2021-41972: Apache Superset: Credentials leak Daniel Gaspar
CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops Zach Hoffman
Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops Zach Hoffman

Friday, 12 November

Multiple vulnerabilities in Jenkins plugins Daniel Beck

Monday, 15 November

Grafana 8.2.4 released with security fixes Vardan Torosyan

Tuesday, 16 November

CVE-2021-37580: Apache ShenYu Admin bypass JWT authentication Liang Liu

Wednesday, 17 November

Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops Zach Hoffman
CVE-2021-42250: Apache Superset: Possible log injection Daniel Gaspar

Friday, 19 November

CVE-2021-36372: Apache Ozone: Original block tokens are persisted and can be retrieved Siddharth Wagle
CVE-2021-39231: Apache Ozone: Missing authentication/authorization on internal RPC endpoints Siddharth Wagle
CVE-2021-39232: Apache Ozone: Missing admin check for SCM related admin commands Siddharth Wagle
CVE-2021-39233: Apache Ozone: Container-related datanode operations can be called without authorization Siddharth Wagle
CVE-2021-39234: Apache Ozone: Raw block data can be read bypassing ACL/authorization Siddharth Wagle
CVE-2021-39235: Apache Ozone: Access mode of block tokens are not enforced Siddharth Wagle
CVE-2021-39236: Apache Ozone: Owners of the S3 tokens are not validated Siddharth Wagle
CVE-2021-41532: Apache Ozone: Unauthenticated access to Ozone Recon HTTP endpoints Siddharth Wagle
Xen Security Advisory 390 v1 (CVE-2021-28710) - certain VT-d IOMMUs may not work in shared page table mode Xen . org security team
CVE-2021-41190 OCI distribution and image spec: "content-type" confusion Vincent Batts

Monday, 22 November

CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable Zexuan Luo
Re: CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable Marcin Niemiec

Tuesday, 23 November

Re: CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable Zhiyuan Ju
[CVE-2021-40369] Apache JSPWiki Cross-site scripting vulnerability on Denounce plugin Juan Pablo Santos Rodríguez
[CVE-2021-44140] Apache JSPWiki Arbitrary file deletion on logout Juan Pablo Santos Rodríguez
Xen Security Advisory 385 v2 (CVE-2021-28706) - guests may exceed their designated memory limit Xen . org security team
Xen Security Advisory 389 v3 (CVE-2021-28705,CVE-2021-28709) - issues with partially successful P2M updates on x86 Xen . org security team
Xen Security Advisory 387 v2 (CVE-2021-28703) - grant table v2 status pages may remain accessible after de-allocation (take two) Xen . org security team
Xen Security Advisory 388 v3 (CVE-2021-28704,CVE-2021-28707,CVE-2021-28708) - PoD operations on misaligned GFNs Xen . org security team

Thursday, 25 November

CVE-2021-4002: Linux kernel: Missing TLB flush on hugetlbfs Nadav Amit

Tuesday, 30 November

IMA gadgets Florian Weimer

Wednesday, 01 December

Re: IMA gadgets Grant Taylor
Re: IMA gadgets Johannes Segitz
Re: IMA gadgets Jens Timmerman
CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures Dennis Jackson
Re: CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures Alan Coopersmith
Re: CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures Kai Engert
Re: IMA gadgets Travis Finkenauer

Friday, 03 December

CVE-2021-3657: multiple buffer overflows in isync/mbsync Oswald Buddenhagen
CVE-2021-44143: heap overflow in isync/mbsync Oswald Buddenhagen

Sunday, 05 December

CVE-2021-43784: integer overflow in runc's netlink bytemsg allows malicious configuration to discreetly modify container configuration Aleksa Sarai

Monday, 06 December

tmate-ssh-server: Local Privilege Escalation Issues and DoS issues (CVE-2021-44512, CVE-2021-44513) Matthias Gerstner
CVE-2021-43410: Apache Airavata Django Portal: airavata-django-portal allows CRLF log injection because of the lack of escaping in the log statements Marcus Christie

Tuesday, 07 December

Django: CVE-2021-44420: Potential bypass of an upstream access control based on URL paths Mariusz Felisiak

Thursday, 09 December

Multiple issues fixed in Privoxy 3.0.33 stable Fabian Keil
CVE-2021-43798 Grafana directory traversal Daniel Lee

Friday, 10 December

CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints Ralph Goers
Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints Moritz Bechler
Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints Moritz Bechler
CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files Timur Olzhabayev

Monday, 13 December

Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 Moritz Bechler
CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 Ralph Goers

Tuesday, 14 December

Fwd: X.Org Security Advisory: December 14, 2021 Povilas Kanapickas
CVE-2021-4095: kernel: KVM: NULL pointer dereference in kvm_dirty_ring_get() in virt/kvm/dirty_ring.c butt3rflyh4ck
Re: Fwd: X.Org Security Advisory: December 14, 2021 Alan Coopersmith
CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack Ron Grabowski
[CVE-2021-44528] Possible Open Redirect in Host Authorization Middleware Aaron Patterson

Wednesday, 15 December

Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack Jeffrey Walton
Trovent Security Advisory 2109-01 / CVE-2021-41843: Authenticated SQL injection in OpenEMR calendar search Stefan Pietsch
Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack Moritz Bechler
CVE-2021-39685 : Linux Kernel USB Gadget buffer overflow Szymon Heidrich

Thursday, 16 December

CVE-2021-44145: Apache NiFi information disclosure by XXE Nathan Gough

Saturday, 18 December

Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack Moritz Bechler
CVE-2021-44548: Apache Solr information disclosure vulnerability through DataImportHandler Jan Høydahl
CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation Matt Sicker

Monday, 20 December

CVE-2021-41561: Apache Parquet-MR potential DoS in case of malicious Parquet file Gábor Szádovszky
CVE-2021-43083: Apache PLC4X 0.9.0 Buffer overflow in PLC4C via crafted server response Christofer Dutz
CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier Stefan Eissing
CVE-2021-44790: Apache HTTP Server: Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier Stefan Eissing
Xen Security Advisory 376 v1 - frontends vulnerable to backends Xen . org security team
WebKitGTK and WPE WebKit Security Advisory WSA-2021-0007 Carlos Alberto Lopez Perez
Xen Security Advisory 391 v3 (CVE-2021-28711,CVE-2021-28712,CVE-2021-28713) - Rogue backends can cause DoS of guests via high frequency events Xen . org security team
Xen Security Advisory 392 v4 (CVE-2021-28714,CVE-2021-28715) - Guest can force Linux netback driver to hog large amounts of kernel memory Xen . org security team

Thursday, 23 December

binutils: Stack-overflow in debug_write_type in debug.c Pavel Mayorov
CVE-2021-44273: e2guardian did not validate TLS hostnames Alexander E. Patrakov

Friday, 24 December

CVE-2021-45469: Linux kernel: an out-of-bounds memory access in fs/f2fs/xattr.c __f2fs_setxattr Wenqing Liu

Monday, 27 December

CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access JunXu Chen

Tuesday, 28 December

CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration Matt Sicker