Day: Mart 2, 2022

CVE-2021-38266

Liferay Portal through v7.2.1 and Liferay DXP through v7.2 does not correctly import users from LDAP, allowing remote attackers to prevent a legitimate user from…

Devamını oku

CVE-2021-3715

A flaw was found in the “Routing decision” classifier in the Linux kernel’s Traffic Control networking subsystem in the way it handled changing of classification…

Devamını oku

CVE-2021-3677

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can…

Devamını oku

CVE-2021-3667

An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not…

Devamını oku

CVE-2021-3658

bluetoothd from bluez incorrectly saves adapters’ Discoverable status when a device is powered down, and restores it when powered up. If a device is powered…

Devamını oku

CVE-2021-3654

A vulnerability was found in openstack-nova’s console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL. Zafiyet…

Devamını oku

CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs’ dynamic labels. This flaw allows one exploited guest to access…

Devamını oku

CVE-2021-23222

A man-in-the-middle attacker can inject false responses to the client’s first few queries, despite the use of SSL certificate verification and encryption. Zafiyet ile ilgili…

Devamını oku