5058 matches found
CVE-2016-7042
The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack memory corruption and panic by...
Memory corruption
The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack memory corruption and panic by...
CVE-2016-7042
The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack memory corruption and panic by...
[SECURITY] Fedora 24 Update: mongodb-3.2.8-2.fc24
Mongo from "humongous" is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: Collection oriented storage: easy storage of object/JSON-style data Dynamic queries Full index support, including on inner objects and...
[SECURITY] Fedora 23 Update: mongodb-3.0.12-2.fc23
Mongo from "humongous" is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: Collection oriented storage: easy storage of object/JSON-style data Dynamic queries Full index support, including on inner objects and...
How to collect Logs for Citrix Workspace app for Linux?
This article describes the commands that can be run to collect informationand logs needed to troubleshoot Linux Receiver issues...
Error: “Preparation of the Master VM Image failed” When UPDATING a Catalog
NOTE : This article contains information about UPDATING a CatalogONLY. For information on CREATING a Catalog see: CTX140734 Updating a catalog might fail during Image Preparation because of many reasons. In order to identify what caused the failure we need to collect preparation Image logs...
The YAWAST Antecedent Web Application Security Toolkit
The YAWAST Antecedent Web Application Security Toolkit YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL – Versions and cipher suites supported; common issues...
Windows Forensic Data Collection: IR-rescue
Windows Forensic Data Collection ir-rescue is a Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility. It is intended for incident response use at different stages in the analysis and investigation process. It...
fox-info NSE Script
Tridium Niagara Fox is a protocol used within Building Automation Systems. Based off Billy Rios and Terry McCorkle's work this Nmap NSE will collect information from A Tridium Niagara system. Example Usage nmap --script fox-info.nse -p 1911 Script Output 1911/tcp open Niagara Fox | fox-info: |...
How to Collect SSR for Citrix Insight Services (CIS) Using the CLI in Citrix Hypervisor 8.2 CU1
How to Collect Data for Citrix Insight Service CIS using the CLI in Citrix Hypervisor 8.2 CU1 and later without the use of XenCenter...
CVE-2014-9529
Race condition in the keygcunusedkeys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service memory corruption or panic or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during...
PHP < 5.5.37, 5.6.23 Use-After-Free Remote Code Execution.
Binary data 802011.prm...
GNU gcc Local Security Bypass Vulnerability
GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. A local security bypass vulnerability exists in GNU gcc, which can be exploited by attackers to bypass security restrictions and perform unauthorized operations...
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3044-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3044-1 advisory. Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked in to opening a specially...
Design/Logic Flaw
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...
Design/Logic Flaw
phpzip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash...
CVE-2016-5773
phpzip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash...
CVE-2016-5771
CVE-2016-5771 affects the PHP SPL extension (spl_array.c) in PHP before 5.5.37 and 5.6.x before 5.6.23. The issue arises from how unserialize interacts with garbage collection, enabling remote attackers to trigger a use-after-free and cause a denial of service or potentially execute arbitrary cod...
CVE-2016-5771
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...