octubre 2021 – Página 2

22 octubre, 2021

Apache vulnerability CVE-2021-40438

Apache vulnerability CVE-2021-40438 Security Advisory Security Advisory Description A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote ... More info: https://support.f5.com/csp/article/K01552024?utm_source=f5support&utm_medium=RSS

21 octubre, 2021

TMUI XSS vulnerability CVE-2021-23037

TMUI XSS vulnerability CVE-2021-23037 Security Advisory Security Advisory Description A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration ... More info: https://support.f5.com/csp/article/K21435974?utm_source=f5support&utm_medium=RSS

21 octubre, 2021

Apache HTTPD vulnerability CVE-2021-36160

Apache HTTPD vulnerability CVE-2021-36160 Security Advisory Security Advisory Description A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and ... More info: https://support.f5.com/csp/article/K13401920?utm_source=f5support&utm_medium=RSS

20 octubre, 2021

Oracle Critical Patch Update Advisory – October 2021

More info: https://www.oracle.com/security-alerts/cpuoct2021.html

18 octubre, 2021

VMware and the 2021 Tianfu Cup PWN Contest

Update October 17, 2021 Tianfu Cup International PWN Contest 2021 has been wrapped up with two successful attempts on our products. The Kunlun Lab team has been successful with their both attempts on VMware ESXi and VMware Workstation. We are currently investigating these issues after having received the details. We are actively working on its The post VMware and the 2021 Tianfu Cup PWN Contest appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2021/09/vmware-and-the-2021-tianfu-cup-pwn-contest.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-and-the-2021-tianfu-cup-pwn-contest

17 octubre, 2021

Node.js vulnerabilities CVE-2021-3672 and CVE-2021-22931

Node.js vulnerabilities CVE-2021-3672 and CVE-2021-22931 Security Advisory Security Advisory Description CVE-2021-3672 Missing input validation of host names returned by Domain Name Servers (DNS) ... More info: https://support.f5.com/csp/article/K53225395?utm_source=f5support&utm_medium=RSS

16 octubre, 2021

Eclipse Jetty vulnerability CVE-2021-28165

Eclipse Jetty vulnerability CVE-2021-28165 Security Advisory Security Advisory Description In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can ... More info: https://support.f5.com/csp/article/K15338344?utm_source=f5support&utm_medium=RSS

15 octubre, 2021

VMware Carbon Black Workload 1.1 General Availability

This piece was written by Arjun Narang and Ashwin Manekar Workload 1.1 Updates and New Features We’re excited to announce the general availability of Workload 1.1. This release includes user experience and usability feature enhancements, and a new tagging feature with NSX-T. With this new release, you’ll see our continued focus on helping customers with their security and IT modernization needs. Update – Enhanced Proxy Support Many VMware Carbon Black Workload customers are More info: https://blogs.vmware.com/security/2021/10/vmware-carbon-black-workload-1-1-general-availability.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-carbon-black-workload-1-1-general-availability

14 octubre, 2021

JSA11220 – 2021-10 Security Bulletin: Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal (CVE-2021-31355)

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11220&actp=RSS

14 octubre, 2021

JSA11219 – 2021-10 Security Bulletin: Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE) (CVE-2021-31354)

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11219&actp=RSS