142 matches found
Security update for xen (important)
xen was updated to version 4.4.4 to fix 33 security issues. These security issues were fixed: - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling bsc967012. - CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463. - CVE-2016-2270: Xen allow...
GLSA-201604-01 : QEMU: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201604-01 QEMU: Multiple vulnerabilities Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : Local users within a guest QEMU environment can execute...
Fedora 23 : xen-4.5.2-9.fc23 (2016-f4504e9445)
Qemu: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714 1296080 Qemu: i386: NULL pointer dereference in vapicwrite CVE-2016-1922 1292767 qemu: Stack-based buffer overflow in megasasctrlgetinfo CVE-2015-8613 1293305 qemu-kvm: Infinite loop and out-of-bounds transfer start i...
Fedora 23 : qemu-2.4.1-7.fc23 (2016-b49aaf2c56)
CVE-2015-8619: Fix sendkey out of bounds bz 1292757 CVE-2016-1981: infinite loop in e1000 bz 1299995 Fix Out-of-bounds read in usb-ehci bz 1300234, bz 1299455 CVE-2016-2197: ahci: NULL pointer dereference bz 1302952 Fix gdbstub for VSX registers for ppc64 bz 1304377 Fix qemu-img vmdk images to...
Fedora 22 : qemu-2.3.1-12.fc22 (2016-be042f7e6f)
CVE-2015-8619: Fix sendkey out of bounds bz 1292757 CVE-2016-1981: infinite loop in e1000 bz 1299995 Fix Out-of-bounds read in usb-ehci bz 1300234, bz 1299455 CVE-2016-2197: ahci: NULL pointer dereference bz 1302952 Fix gdbstub for VSX registers for ppc64 bz 1304377 Fix qemu-img vmdk images to...
[SECURITY] [DSA 3471-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3471-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3471-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...
Oracle: Security Advisory (ELSA-2015-1981)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 6 / 7 : nss, / nss-util, / and / nspr (ELSA-2015-1981)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1981 advisory. - Resolves: Bug 1269360 - CVE-2015-7183 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...
CentOS Update for nspr CESA-2015:1981 centos7
Check the version of nspr SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882318";...
CentOS Update for nss-util CESA-2015:1981 centos6
Check the version of nss-util SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882310";...
IBM Domino Web Server Cross-site Scripting Vulnerability (CVE-2015-1981)
Hello 3APA3A! Earlier I wrote about XSS vulnerability in IBM Domino http://seclists.org/fulldisclosure/2015/May/128. I informed IBM in May about it and at 17.06.2015 they fixed it and released security bulletin. Security Bulletin: IBM Domino Web Server Cross-site Scripting Vulnerability...
CVE-2015-1981
CVE-2015-1981 affects IBM Domino Web Server. A cross-site scripting vulnerability exists in the webmail interface when Webmail is enabled, allowing remote authenticated users to inject arbitrary web script or HTML via a crafted URL in IBM Domino 8.5.x (before 8.5.3 FP6 IF8) and 9.x (before 9.0.1 ...
RHEL 6 : flash-plugin (RHSA-2014:1981)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2014:1981 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple...
Amazon Linux AMI : libX11 / libXcursor,libXfixes,libXi,libXrandr,libXrender,libXres,libXt,libXv,libXvMC,libXxf86dga,libXxf86vm,libdmx,xorg-x11-proto-devel (ALAS-2014-452)
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws to potentially...
CentOS 6 : libX11 / libXcursor / libXext / libXfixes / libXi / libXinerama / libXp / libXrandr / etc (CESA-2014:1436)
Updated X11 client libraries packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...
openSUSE Security Update : libX11 (openSUSE-SU-2013:1047-1)
This update of libX11 fixes several security issues. - U0001-integer-overflow-in-XQueryFont-on-32-bit-platfor ms-.patch, U0002-integer-overflow-in-XF86BigfontQueryFont-CVE-201 3-1.patch, U0003-integer-overflow-in-XListFontsWithInfo-CVE-2013-1 981.patch,...
SuSE 11.2 / 11.3 Security Update : xorg-x11-libX11 (SAT Patch Numbers 7842 / 7935)
This update of xorg-x11-libX11 fixes several security issues. Bug 815451/821664 CVE-2013-1981 / CVE-2013-1997 / CVE-2013-2004 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself...
CVE-2013-1981
CVE-2013-1981 affects X.Org libX11 (X11 client libraries) and is described as multiple integer overflow flaws that affect functions such as XQueryFont, _XF86BigfontQueryFont, XListFontsWithInfo, XGetMotionEvents, XListHosts, XGetModifierMapping, XGetPointerMapping, XGetKeyboardMapping, XGetWindow...
Fedora Update for libX11 FEDORA-2013-9151
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...