EUVD-2015-7603

Malware in sbrugna...

CVE-2019-9750

In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a "4.01...

Linux Distros Unpatched Vulnerability : CVE-2017-9750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service buffer...

Linux Distros Unpatched Vulnerability : CVE-2014-9297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with...

Adobe Animate 20.x < 20.5.2 Multiple Vulnerabilities (APSB20-61)

The version of Adobe Animate installed on the remote macOS or Mac OS X host is prior to 20.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-61 advisory. - Adobe Animate version 20.5 and earlier is affected by an out-of-bounds read vulnerability, which could...

Security Bulletin: Vulnerabilities in NTP affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter

Summary The switch firmware deliverables listed below have addressed the applicable NTP CVEs. Vulnerability Details Summary The switch firmware deliverables listed below have addressed the applicable NTP CVEs. Vulnerability Details: CVE-ID: CVE-2014-9750 Description: NTP NTPd could allow a remote...

K16392: NTP vulnerability CVE-2014-9750

Security Advisory Description The vallen packet value is not validated in several code paths in ntpcrypto.c which can lead to information leakage or a possible crash of ntpd. CVE-2014-9750 Note : The original candidate number referenced in this article, CVE-2014-9297, was rejected because it was...

SUSE CVE-2014-9297

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in...

SUSE CVE-2015-7692

The cryptoxmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750...

Adobe Animate 20.x < 20.5.2 Multiple Vulnerabilities (APSB20-61)

The version of Adobe Animate installed on the remote Windows host is prior to 20.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-61 advisory. - Adobe Animate version 20.5 and earlier is affected by an out-of-bounds read vulnerability, which could result in...

CVE-2020-9750

Adobe Animate version 20.5 and earlier is affected by an out-of-bounds read vulnerability, which could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate...

CVE-2020-9750

CVE-2020-9750 is an out-of-bounds read vulnerability in Adobe Animate 20.5 and earlier that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a crafted .fla file in Animate. Connected advisories confirm this CVE is ...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1799)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

ntp is vulnerable to denial of service. The fix for CVE-2014-9750 was incomplete which resulted in incorrect value length checks in ntpcrypto.c. A packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a...

Denial Of Service (DoS)

ntp is vulnerable to denial of service. An incomplete fix for CVE-2014-9750 resulted in improper value length checks in ntpcrypto.c. A packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially crafted...

CVE-2019-9750

In IoTivity up to version 1.3.1, the CoAP server interface is vulnerable to Distributed Denial of Service via source IP spoofing and UDP-based traffic amplification. The reflected traffic is reported to be six times larger than spoofed requests due to mishandling of a 4.01 Unauthorized response. ...

CVE-2019-9750

In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a "4.01...

Security Bulletin: Multiple vulnerabilities in Network Time Protocol (NTP) affect PowerKVM

Summary PowerKVM is affected by several vulnerabilities in Network Time Protocol NTP. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2014-9297 DESCRIPTION: Network Time Protocol NTP Project NTP daemon ntpd could allow a remote attacker to conduct spoofing attacks, caused by...

Security Bulletin: IBM Pure Power Integrated Manager (PPIM) is affected by vulnerabilities in ntp (CVE-2014-9750, CVE-2014-9751)

Summary Security vulnerabilities have been discovered in ntp embedded in the IBM PPIM. This bulletin addresses these issues. Vulnerability Details CVEID: CVE-2014-9750 DESCRIPTION: NTP NTPd could allow a remote attacker to obtain sensitive information, caused by an error in ntpcrypto.c when Autok...

SUSE SLES12 Security Update : CaaS Platform 2.0 images (SUSE-SU-2018:0053-1)

The Docker images provided with SUSE CaaS Platform 2.0 have been updated to include the following updates: binutils : - Update to version 2.29 - 18750 bsc1030296 CVE-2014-9939 - 20891 bsc1030585 CVE-2017-7225 - 20892 bsc1030588 CVE-2017-7224 - 20898 bsc1030589 CVE-2017-7223 - 20905 bsc1030584...