93 matches found
[SECURITY] [DSA 3020-1] acpi-support security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3020-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 10, 2014 http://www.debian.org/security/faq -...
Debian DSA-3020-1 : acpi-support - security update
During a review for EDF, Raphael Geissert discovered that the acpi-support package did not properly handle data obtained from a user's environment. This could lead to program malfunction or allow a local user to escalate privileges to the root user due to a programming error. %NASLMINLEVEL 70300 ...
Debian Security Advisory DSA 3020-1 (acpi-support - security update)
During a review for EDF, Raphael Geissert discovered that the acpi-support package did not properly handle data obtained from a user OpenVAS Vulnerability Test $Id: deb3020.nasl 6735 2017-07-17 09:56:49Z teissa $ Auto-generated from advisory DSA 3020-1 using nvtgen 1.0 Script version: 1.0 Author:...
Amazon Linux AMI : mysql (ALAS-2012-44)
This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. CVE-2011-2262 , CVE-2012-0075 , CVE-2012-0087 , CVE-2012-0101 , CVE-2012-0102 , CVE-2012-0112 ,...
CVE-2013-0484
CVE-2013-0484 affects IBM Cognos TM1 10.1.x up to but not including 10.1.1 FP1. The vulnerability stems from an undocumented API call that can cause the server daemon to crash by transmitting unexpected data, enabling a remote denial-of-service condition. No mitigation details are provided in the...
SuSE 11.1 Security Update : MySQL (SAT Patch Number 6613)
MySQL has been upgraded to version 5.0.96 to fix several vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. if NASLLEVEL 3000 exit0...
RedHat Update for mysql RHSA-2012:0105-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for mysql FEDORA-2012-0987
Check for the Version of mysql OpenVAS Vulnerability Test Fedora Update for mysql FEDORA-2012-0987 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Important: Red Hat Security Advisory: mysql security update
Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
CVE-2012-0484
CVE-2012-0484 describes an unspecified vulnerability in the MySQL Server component of Oracle MySQL 5.0.x, 5.1.x, and 5.5.x that allows remote authenticated users to affect confidentiality via unknown vectors. The available connected documents confirm this CVE is tied to MySQL server components an...
Google Chrome Multiple Vulnerabilities (Jan 2011) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-0484
CVE-2011-0484 affects Google Chrome (before 8.0.552.237) and Chrome OS (before 8.0.552.344). The issue arises from improper DOM node removal, enabling denial of service or unspecified impact via a stale rendering node. NVD assigns a base score of 7.5 ( HIGH ) with network/low complexity exploit c...
VUPEN Security Research - Microsoft Windows Kernel "GetDCEx()" Memory Corruption Vulnerability (CVE-2010-0484)
VUPEN Security Research - Microsoft Windows Kernel "GetDCEx" Memory Corruption Vulnerability CVE-2010-0484 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Microsoft Windows is the operating system developed by Microsoft. As of May 2010, Windows was the most widely...
Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (979559)
This host is missing a critical security update according to Microsoft Bulletin MS10-032. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)
The remote Windows host is running a version of the Windows kernel that is affected by one or more of the following vulnerabilities : - Improper validation of changes in certain kernel objects may allow a local attacker to execute arbitrary code in kernel mode and take complete control of the...
CVE-2010-0484
CVE-2010-0484 affects Windows kernel-mode drivers in win32k.sys. The vulnerability arises from improper validation/memory handling when processing Device Contexts (DC) via GetDCEx, enabling local users to execute arbitrary code in kernel mode (ring0) on affected Windows versions. Affected are Win...
Fedora Core 10 FEDORA-2009-2417 (bugzilla)
The remote host is missing an update to bugzilla announced via advisory FEDORA-2009-2417. OpenVAS Vulnerability Test $Id: fcore20092417.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-2417 bugzilla Authors: Thomas Reinke Copyright: Copyright c 2009...
Fedora Core 9 FEDORA-2009-2418 (bugzilla)
The remote host is missing an update to bugzilla announced via advisory FEDORA-2009-2418. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
CVE-2009-0484
CVE-2009-0484 is a CSRF vulnerability in Bugzilla that allows remote attackers to delete shared or saved searches via a crafted link or IMG tag to buglist.cgi. Affected are Bugzilla 3.0.x before 3.0.7, 3.2.x before 3.2.1, and 3.3.x before 3.3.2. The underlying issue is cross-site request forgery ...
CVE-2007-0484
The CVE-2007-0484 entry describes multiple SQL injection vulnerabilities in Enthusiast 3.1. The issue arises in the server-side handling of the cat parameter for show_owned.php, show_joined.php, and possibly other files, enabling remote attackers to execute arbitrary SQL commands. The provided do...