63 matches found
USN-3364-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3364-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...
Ubuntu 16.04 LTS : Linux kernel (HWE) kernel vulnerabilities (USN-3371-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3371-1 advisory. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive...
USN-3364-3: Linux kernel (AWS, GKE) vulnerabilities
It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...
Ubuntu: Security Advisory (USN-3364-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3364-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3364-2 advisory. USN-3364-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Ubuntu: Security Advisory (USN-3359-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3358-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture ALSA subsystem i...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1853-1) (Stack Clash)
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMITSTACK/RLIMINFINITY 1/4 o...
openSUSE Security Update : the Linux Kernel (openSUSE-2017-716) (Stack Clash)
The openSUSE Leap 42.2 kernel was updated to 4.4.72 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.72 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be...
openSUSE: Security Advisory for kernel (openSUSE-SU-2017:1633-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2015-7346
SQL injection vulnerability in ZCMS 1.1...
CVE-2015-7346
CVE-2015-7346 affects ZCMS 1.1 (Zeyuan Web Content Management System). The connected documents confirm a SQL injection vulnerability in ZCMS 1.1 that can bypass authentication to reach the admin area, caused by constructing queries via string concatenation (e.g., vulnerable login query). Public e...
CVE-2015-7346
SQL injection vulnerability in ZCMS 1.1...
CVE-2016-7346
CVE-2016-7346 entry is rejected/not used; not an active vulnerability entry.
CVE-2016-7346
...
CVE-2017-7346
The vmwgbsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service system hang via a crafted ioctl call for a /dev/dri/renderD device...
CVE-2017-7346
The CVE-2017-7346 issue is a Linux kernel vulnerability in vmwgfx where vmw_gb_surface_define_ioctl in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c fails to validate certain levels data, enabling a local attacker to cause a denial of service (system hang) via a crafted ioctl to /dev/dri/renderD* on ke...
CVE-2015-7346
creationtimestamp| type| source ---|---|--- 2015-06-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37272...
CVE-2014-7346
The CVE-2014-7346 entry concerns the Bespoke Android app (com.magzter.bespoke) version 3.0, which does not verify X.509 certificates when establishing SSL connections. The root cause is missing certificate validation, enabling potential man‑in‑the‑middle attackers to spoof servers and extract sen...