72 matches found
CVE-2016-6348
CVE-2016-6348 is reported in RESTEasy via the JacksonJsonpInterceptor and is described in connected advisories as enabling a cross-site script inclusion (XSSI) vulnerability. The Ubuntu USN and Tenable/NASL entries enumerate RESTEasy-related CVEs together and explicitly list CVE-2016-6348 among a...
CVE-2016-6348
JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion XSSI attack...
CVE-2016-6348
JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion XSSI attack...
openSUSE Security Update : the Linux Kernel (openSUSE-2017-419)
The openSUSE Leap 42.1 kernel was updated to 4.1.39 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5669: The doshmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed loca...
openSUSE: Security Advisory for kernel (openSUSE-SU-2017:0906-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for the Linux Kernel (important)
====================================================================== Still left to do: - Check CVE descriptions. They need to be written in the past tense. They are processed automatically, THERE CAN BE ERRORS IN THERE! - Remove version numbers from the CVE descriptions - Check the capitalizati...
Updated kernel packages fixes security vulnerabilities
This kernel update is based on upstream 4.4.55 and fixes at least the following security issues: Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service double free by setting the HDLC line discipline CVE-2017-263...
Debian DLA-849-1 : linux security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. CVE-2016-9588 Jim Mattson discovered that the KVM implementation for Intel x86 processors does not properly handle BP and OF exceptions in an L2 neste...
[SECURITY] [DLA 849-1] linux security update
Package : linux Version : 3.2.86-1 CVE ID : CVE-2016-9588 CVE-2017-2636 CVE-2017-5669 CVE-2017-5986 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6348 CVE-2017-6353 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or...
Debian DSA-3804-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. - CVE-2016-9588 Jim Mattson discovered that the KVM implementation for Intel x86 processors does not properly handle BP and OF exceptions in an L2...
[SECURITY] [DSA 3804-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3804-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 08, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3804-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3804-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 08, 2017 https://www.debian.org/security/faq -...
CVE-2017-6348
The hashbindelete function in net/irda/irqueue.c in the Linux kernel improperly manages lock dropping, which allows local users to cause a denial of service deadlock via crafted operations on IrDA devices...
CVE-2017-6348
The hashbindelete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service deadlock via crafted operations on IrDA devices...
CVE-2017-6348
CVE-2017-6348 affects the Linux kernel: the hashbin_delete function in net/irda/irqueue.c improperly handles lock dropping, enabling a local user to trigger a denial of service through crafted IrDA device operations. The issue exists in kernels before 4.9.13 and is fixed by upgrading to 4.9.13 or...
CVE-2016-6348
It was found that in some configurations the JacksonJsonpInterceptor is activated by default in RESTEasy. An attacker could use this flaw to launch a Cross Site Scripting Inclusion attack...
CVE-2015-6348
The CVE-2015-6348 issue affects Cisco Secure Access Control Server (ACS) 5.7(0.15) where the report-generation web interface contains RBAC validation weaknesses. An authenticated remote user could access restricted report/status pages via the report-generation web interface, potentially exposing ...
Microsoft Internet Explorer Multiple Vulnerabilities (3003057)
This host is missing a critical security update according to Microsoft Bulletin MS14-065. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Memory corruption
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6348...
CVE-2014-6348
CVE-2014-6348 affects Microsoft Internet Explorer 9. The provided description states that remote attackers can exploit a memory corruption issue via a crafted web site to execute arbitrary code or cause a denial of service. This entry is linked to IE9 and is distinguished from CVE-2014-6342. No c...