A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive verbosity in certain log subscriptions. An attacker could exploit this vulnerability by accessing specific log files on an affected device. A successful exploit could allow the attacker to obtain sensitive log data, which may include user credentials. To exploit this vulnerability, the attacker would need to have valid credentials at the operator level or higher on the affected device.

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers.

IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. A remote attacker could overflow the buffer using an older client and cause a denial of service. IBM X-Force ID: 181562.

IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402.

IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616.

IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS could allow an attacker to cause a denial of service due to a memory leak caused by an error creating a dynamic queue. IBM X-Force ID: 179080.

IBM MQ Appliance 9.1 LTS and 9.1 CD could allow a local privileged user to obtain highly sensitve information due to inclusion of data within trace files. IBM X-Force ID: 182118.

A vulnerability in URL filtering of Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to bypass URL filtering on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted, malicious HTTP request to an affected device. A successful exploit could allow the attacker to redirect users to malicious sites.

In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.