105 matches found
[SECURITY] [DSA 3652-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3652-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 25, 2016 https://www.debian.org/security/faq -...
SUSE-SU-2016:2075-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - security update: CVE-2016-6520: buffer overflow bsc991872 CVE-2016-6491: Out-of-bounds read in CopyMagickMemory bsc991445...
SUSE-SU-2016:2076-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - security update: CVE-2016-6520: buffer overflow bsc991872 CVE-2016-5010: Out-of-bounds read in CopyMagickMemory bsc991444 CVE-2016-6491: Out-of-bounds read when processing crafted tiff files bsc991445...
ImageMagick 'Get8BIMProperty' Buffer Overflow Vulnerability - Windows
ImageMagick is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:imagemagick:imagemagick"...
Oracle MySQL Server <= 5.5.39 / 5.6 <= 5.6.20 Security Update (cpuoct2014) - Linux
Oracle MySQL Server is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2015-6491
Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote authenticated users to insert the content of an arbitrary file into a FRAME element via unspecified vectors...
CVE-2015-6491
Rockwell Automation MicroLogix 1100 and 1400 PLCs are affected by CVE-2015-6491. Specifically, MicroLogix 1100 controllers (Series B) with firmware version 14.000 and earlier are mitigated by updating to 15.000, while MicroLogix 1400 controllers (Series B) with firmware 15.003 and earlier require...
SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2015:0743-1)
mariadb was updated to version 10.0.16 to fix 40 security issues. These security issues were fixed : - CVE-2015-0411: Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allowed remote attackers to affect confidentiality, integrity, and availability via...
[slackware-security] mariadb
New mariadb packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mariadb-5.5.40-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, see:...
Important: mysql55
Issue Overview: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: SERVER:SSL:yaSSL. Supported versions that are affected are 5.5.39 and earlier and 5.6.20 and earlier. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols...
CVE-2014-6491
CVE-2014-6491 affects Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier, via SERVER:SSL:yaSSL, with partial confidentiality/integrity/availability impact. The IBM bulletin confirms linked CVEs and notes Guardium is vulnerable; the Debian advisory recommends upgrading to MySQL 5.5.40, ...
UBUNTU-CVE-2014-6491
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500...
Ubuntu: Security Advisory (USN-2247-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2247-1] OpenStack Nova vulnerabilities
========================================================================== Ubuntu Security Notice USN-2247-1 June 17, 2014 nova vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-2247-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2247-1 advisory. Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in...
[USN-2208-1] OpenStack Cinder vulnerability
========================================================================== Ubuntu Security Notice USN-2208-1 May 06, 2014 cinder vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
CVE-2013-6491
CVE-2013-6491 affects the OpenStack Oslo stack (OpenStack Nova) using the python-qpid client; specifically, the common/rpc/impl_qpid.py path does not enforce SSL when qpid_protocol is set to ssl, allowing remote attackers to sniff network traffic and obtain sensitive information. The root cause i...
SuSE 11.1 Security Update : libxslt (SAT Patch Number 6491)
The following issue has been fixed : - Specially crafted XSL documents could have crashed libxslt CVE-2012-2825 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright ...
CVE-2008-6491
The CVE-2008-6491 entry affects PHPGKit 0.9, where the PHP remote file inclusion flaw resides in the connexion.php module. An attacker can cause arbitrary PHP code execution by supplying a URL in the DOCUMENT_ROOT parameter, enabling remote code execution via a crafted request. This vulnerability...
Fedora Update for gtkmozembedmm FEDORA-2008-6491
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...