4 results (0.008 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Ivanti Service Manager 2021.1 allows reflected XSS via the appName parameter associated with ConfigDB calls, such as in RelocateAttachments.aspx. Ivanti Service Manager versión 2021.1, permite un ataque de tipo XSS reflejado por medio del parámetro appName asociado a las llamadas de ConfigDB, como en RelocateAttachments.aspx • https://github.com/os909/iVANTI-CVE-2021-38560 https://forums.ivanti.com/s/article/Ivanti-Service-Manager-Asset-Manager-2021-1-Release-Notes?language=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 due to a buffer overflow in the protocol parser of the ‘HEATRemoteService’ agent. The DoS can be triggered by sending a specially crafted network packet. Una Denegación de Servicio (DoS) en Ivanti Service Manager HEAT Remote Control versión 7.4, debido a un desbordamiento del búfer en el analizador de protocolos del agente "HEATRemoteService". El DoS se puede activar mediante el envío de un paquete de red especialmente diseñado • https://forums.ivanti.com/s/article/Release-Notes-for-DSM-2020-1 https://insinuator.net/2020/06/security-advisories-for-ivanti-dsm-suite • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 97%CPEs: 91EXPL: 0

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. Jonathan Looney detectó que el valor TCP_SKB_CB(skb)-mayor que tcp_gso_segs estuvo sujeto a un desbordamiento de enteros en el kernel de Linux durante el manejo del Reconocimiento Selectivo (SACK) de TCP. Un atacante remoto podría usar esto para causar una denegación de servicio. • http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en http://www.openwall.com/lists/oss-security/2019/06/20/3 http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss&# • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 96%CPEs: 90EXPL: 0

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e. Jonathan Looney descubrió que la implementación de la cola de retransmisión de TCP en tcp_fragment en el kernel de Linux podría estar fragmentada cuando se manejan ciertas secuencias de Reconocimiento Selectivo (SACK) de TCP. Un atacante remoto podría usar esto para causar una denegación de servicio. • http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists& • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •