84 matches found
CVE-2017-2901
An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the applicatio...
CVE-2017-2901
Blender 2.78c is affected by CVE-2017-2901 due to an integer overflow in the IRIS loader, causing a buffer overflow that can lead to code execution when a user opens a crafted .iris asset via the sequencer. This is a local vulnerability with user interaction required and is addressed by upgrading...
CVE-2016-2901
Cross-site request forgery CSRF vulnerability in the PAThemeCreator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...
ntp -- multiple vulnerabilities
Network Time Foundation reports: NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p7, released on Tuesday, 26 April 2016: Bug 3020 / CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering. Reported by Matt...
Ubuntu 14.04 LTS : xdelta3 vulnerability (USN-2901-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2901-1 advisory. It was discovered that xdelta3 incorrectly handled certain files. If a user or automated system were tricked into processing a specially-crafted file, a remote...
MEDCIN engine of the exploitability of the vulnerability details-vulnerability warning-the black bar safety net
! Science: the MEDCIN engine is a service to doctors and nurses electronic medical records system. A few months ago, I was in the MEDCIN engine to older versions of the safety assessment found a loophole. So I to the Supplier a report of the vulnerabilities and then repair, after viewing the...
CVE-2015-2901
CVE-2015-2901 affects Medicomp MEDCIN Engine (version 2.22.20142.166). It describes multiple stack-based buffer overflows that could allow remote code execution via a crafted packet on port 8190, specifically related to the GetProperty info_getproperty and GetProperty UdfCodeList functions. Conne...
Medicomp MEDCIN Engine contains multiple vulnerabilities
Overview Medicomp's MEDCIN Engine provide electronic health records EHR tools and information to medical professionals. MEDCIN Engine versions before version 2.22.20153.226 are vulnerable to several buffer overflows. Description Medicomp MEDCIN Engine prior to version 2.22.20153.226 is vulnerable...
[SECURITY] [DSA 2901-3] wordpress regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-2901-3 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 21, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2901-2] wordpress regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-2901-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 18, 2014 http://www.debian.org/security/faq -...
Debian DSA-2901-1 : wordpress - security update
Several vulnerabilities were discovered in Wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-0165 A user with a contributor role, using a specially crafted request, can publish posts, which is reserved for users of the...
Debian: Security Advisory (DSA-2901-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-2901
CVE-2011-2901 affects Xen 3.3 and earlier. The off-by-one error in the __addr_ok macro allows local 64-bit PV guest administrators to cause a host crash (denial of service) via unspecified hypercalls that ignore virtual-address bits. Public references confirm the issue across multiple advisories ...
Google Chrome Multiple Vulnerabilities-01 (Aug 2013) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Debian DSA-2741-1 : chromium-browser - several vulnerabilities
Several vulnerabilities have been discovered in the Chromium web browser. - CVE-2013-2887 The chrome 29 development team found various issues from internal fuzzing, audits, and other studies. - CVE-2013-2900 Krystian Bigaj discovered a file handling path sanitization issue. - CVE-2013-2901 Alex...
Debian Security Advisory DSA 2741-1 (chromium-browser - several vulnerabilities)
Several vulnerabilities have been discovered in the Chromium web browser. CVE-2013-2887 The chrome 29 development team found various issues from internal fuzzing, audits, and other studies. CVE-2013-2900 Krystian Bigaj discovered a file handling path sanitization issue. CVE-2013-2901 Alex Chapman...
Debian: Security Advisory (DSA-2741-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome 29 Fixes 25 Vulnerabilities
There are 25 fresh security patches in the newest version of Google Chrome, including fixes for a number of high-severity vulnerabilities. Chrome 29 also includes a number of performance enhancements. Google regularly pushes out new versions of its browser every few weeks, and sometimes will only...
Oracle Linux 5 : kernel (ELSA-2011-1212)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1212 advisory. - xen fix off-by-one shift in x8664 addrok Laszlo Ersek 728043 719850 CVE-2011-2901 - wireless nl80211: check for valid SSID size in scan operation...
RHEL 5 : kernel (RHSA-2011:1813)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1813 advisory. - kernel: sctp dos CVE-2011-2482 - kernel: rpc task leak after flocking NFS share CVE-2011-2491 - kernel: /proc/PID/io infoleak CVE-2011-249...