The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of RSA Authentication Manager

Apache ActiveMQ: denial of service via Corrupt MQTT Frame
An attacker can trigger a fatal error via a corrupt MQTT frame in Apache ActiveMQ, in order to trigger a denial of service...
6344071, cpujul2019, CVE-2019-0222, DLA-2582-1, DLA-2583-1, DSA-2019-133, VIGILANCE-VUL-33508
Oracle Fusion Middleware: vulnerabilities of April 2020
Several vulnerabilities were announced in Oracle products...
cpuapr2020, CVE-2017-14232, CVE-2017-17359-REJECT, CVE-2017-7857, CVE-2017-7858, CVE-2017-7864, CVE-2020-2739, CVE-2020-2740, CVE-2020-2745, CVE-2020-2747, CVE-2020-2766, CVE-2020-2783, CVE-2020-2784, CVE-2020-2785, CVE-2020-2786, CVE-2020-2787, CVE-2020-2798, CVE-2020-2801, CVE-2020-2811, CVE-2020-2828, CVE-2020-2829, CVE-2020-2867, CVE-2020-2869, CVE-2020-2883, CVE-2020-2884, CVE-2020-2915, CVE-2020-2949, CVE-2020-2950, CVE-2020-2952, CVE-2020-2963, DSA-2020-135, VIGILANCE-VUL-32026, ZDI-20-504, ZDI-20-570
Netty: overload via ZlibDecoders
An attacker can trigger an overload via ZlibDecoders of Netty, in order to trigger a denial of service...
CVE-2020-11612, DLA-2364-1, DSA-2020-135, DSA-4885-1, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, USN-4600-2, VIGILANCE-VUL-32168
Oracle Java, OpenJDK: vulnerabilities of April 2020
Several vulnerabilities were announced in Oracle products...
6206850, 6235886, 6247119, 6247141, 6250529, 6369095, 6370579, 6371646, 6382282, 6415639, 6435147, 6436781, 6442605, CERTFR-2020-AVI-217, cpuapr2020, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2764, CVE-2020-2767, CVE-2020-2773, CVE-2020-2778, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2816, CVE-2020-2830, DLA-2193-1, DSA-2020-130, DSA-2020-135, DSA-2020-151, DSA-2020-160, DSA-2020-198, DSA-4662-1, DSA-4668-1, FEDORA-2020-07aa58121a, FEDORA-2020-21ca991b3b, FEDORA-2020-36298e20f7, FEDORA-2020-372eeb28f3, FEDORA-2020-4578c4a082, FEDORA-2020-5386fe3bbb, FEDORA-2020-73341c894c, FEDORA-2020-755e4213b5, FEDORA-2020-831ec85119, FEDORA-2020-92ed6d99e4, FEDORA-2020-a60ad9d4ec, JSA11110, KB0085480, NTAP-20200416-0004, openSUSE-SU-2020:0757-1, openSUSE-SU-2020:0800-1, openSUSE-SU-2020:0841-1, RHSA-2020:1506-01, RHSA-2020:1507-01, RHSA-2020:1508-01, RHSA-2020:1509-01, RHSA-2020:1512-01, RHSA-2020:1514-01, RHSA-2020:1515-01, RHSA-2020:1516-01, RHSA-2020:1517-01, RHSA-2020:2236-01, RHSA-2020:2237-01, RHSA-2020:2238-01, RHSA-2020:2239-01, RHSA-2020:2241-01, RHSA-2021:0717-01, RHSA-2021:0736-01, SB10332, SUSE-SU-2020:14398-1, SUSE-SU-2020:1511-2, SUSE-SU-2020:1571-1, SUSE-SU-2020:1683-1, SUSE-SU-2020:1684-1, SUSE-SU-2020:1685-1, SUSE-SU-2020:1686-1, USN-4337-1, VIGILANCE-VUL-32028
Dell EMC iDRAC: buffer overflow
An attacker can trigger a buffer overflow in Dell EMC iDRAC, in order to trigger a denial of service, and possibly to run code...
CVE-2020-5344, DSA-2020-063, DSA-2020-088, VIGILANCE-VUL-31954
RSA Authentication Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in RSA Authentication Manager, in order to run JavaScript code in the context of the web site...
CVE-2020-5346, DSA-2020-066, DSA-2020-067, VIGILANCE-VUL-31864
Connect2id Nimbus JOSE+JWT: privilege escalation via JWT Parsing
An attacker can bypass restrictions via JWT parsing in Connect2id Nimbus JOSE+JWT, in order to escalate their privileges...
6198380, cpujan2021, CVE-2019-17195, DSA-2020-066, DSA-2020-067, VIGILANCE-VUL-31843
tcpdump: out-of-bounds memory reading via EXTRACT_32BITS
An attacker can force a read at an invalid address via EXTRACT_32BITS() of tcpdump, in order to trigger a denial of service, or to obtain sensitive information...
bulletinapr2020, CVE-2018-14466, CVE-2018-19325-REJECT, DLA-1955-1, DLA-1967-1, DSA-2019-168, DSA-2019-169, DSA-4547-1, FEDORA-2019-6db0d5b9d9, FEDORA-2019-85d92df70f, FEDORA-2019-b92ce3144a, FEDORA-2019-d06bc63433, FEDORA-2019-eaa681d33e, HT210788, K04367730, K44551633, K56551263, K86252029, openSUSE-SU-2019:2343-1, openSUSE-SU-2019:2344-1, openSUSE-SU-2019:2345-1, openSUSE-SU-2019:2348-1, RHSA-2020:4760-01, SSA:2019-274-01, SUSE-SU-2019:14191-1, SUSE-SU-2019:2669-1, SUSE-SU-2019:2674-1, SUSE-SU-2020:3360-1, USN-4221-1, USN-4221-2, USN-4252-1, USN-4252-2, VIGILANCE-VUL-31803
RSA Authentication Manager: Cross Site Scripting via Security Console
An attacker can trigger a Cross Site Scripting via the Security Console of RSA Authentication Manager, in order to run JavaScript code in the context of the web site...
CVE-2020-5339, CVE-2020-5340, DSA-2020-052, DSA-2020-053, VIGILANCE-VUL-31696
Netty: information disclosure via HttpObjectDecoder.java Double Content-Length
An attacker can bypass access restrictions to data via HttpObjectDecoder.java Double Content-Length of Netty, in order to obtain sensitive information...
CERTFR-2020-AVI-179, CVE-2019-20445, DLA-2109-1, DLA-2110-1, DLA-2364-1, DLA-2365-1, DSA-2020-066, DSA-2020-067, DSA-4885-1, RHSA-2020:0804-01, RHSA-2020:0805-01, RHSA-2020:0806-01, RHSA-2020:0811-01, RHSA-2020:0951-01, RHSA-2020:0952-01, USN-4532-1, USN-4600-1, USN-4600-2, VIGILANCE-VUL-31614