Microsoft Lync Server Multiple Vulnerabilities (3089952)

This host is missing an important security update according to Microsoft Bulletin MS15-104. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Amazon Linux: Security Advisory (ALAS-2014-430)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 21 Update: php-ZendFramework2-2.4.7-1.fc21

Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures. Zend Framework 2 evolv...

AIX Java Advisory : java_july2015_advisory.asc (Logjam)

The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities : - Java Security Components store plaintext data in memory dumps, which allows a local attacker to gain access to sensitive information. CVE-2015-1931 - A flaw exists in the readSerialData function i...

Apple Mac OS X / OS X Server multiple security vulnerabilities

Over 150 different vulnerabilities in system components and libraries...

JDK: plain text data stored in memory dumps

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by...

flash-plugin: multiple code execution flaws (APSB15-19)

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a...

JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (2D)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

JDK: plain text data stored in memory dumps

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by...

IBM SDK Java Security Components Local Information Disclosure Vulnerability

The IBM SDK is an integrated toolkit for creating, discovering, invoking, and testing Web services. The IBM SDK stores plaintext data into memory, allowing a local attacker to exploit vulnerabilities to gain access to sensitive information...

Ubuntu 14.04 LTS : OpenJDK 7 vulnerabilities (USN-2696-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2696-1 advisory. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit...

Ubuntu: Security Advisory (USN-2696-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-3323-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-283-1 icu - security update

Bulletin has no description...

MGASA-2015-0287 Updated icu package fixes security vulnerability

The ucnviogetConverterName function in common/ucnvio.cpp in International Components for Unicode ICU mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service read of uninitialized memory or possibly have unspecified other impact via a craft...

JDK: plain text data stored in memory dumps

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by...

MGASA-2015-0277 Updated java-1.7.0-openjdk package fixes security vulnerabilities

Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733. A flaw was fou...

JDK: plain text data stored in memory dumps

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by...

UBUNTU-CVE-2015-1270

The ucnviogetConverterName function in common/ucnvio.cpp in International Components for Unicode ICU, as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service read of uninitialized memory or...

flash-plugin: multiple code execution issues fixed in APSB15-16

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execu...