Monthly Archive: January 2021

ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0...

Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump...

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This...

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). Date published : 2021-01-25...

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). Date published : 2021-01-25 https://security.netapp.com/advisory/ntap-20210226-0002/ https://support.apple.com/kb/HT212529

Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter. Date published : 2021-01-25 http://textpattern.com https://riteshgohil-25.medium.com/textpattern-4-8-4-is-affected-by-cross-site-scripting-xss-in-the-body-parameter-b9a3d7da2a88