EUVD-2017-12860

Malware in sbrugna...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libjpeg

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in libjpeg. Vulnerability Details CVEID: CVE-2018-11813 DESCRIPTION: libjpeg is vulnerable to a denial of service, caused by a large loop in the readpixel function in rdtarga.c. By persuading a victim to...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libtirpc (CVE-2018-14622 CVE-2018-14621)

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in libtirpc. Vulnerability Details CVEID: CVE-2018-14622 DESCRIPTION: Libtirpc is vulnerable to a denial of service, caused by a NULL pointer dereference in the rpc-based application. By flooding the...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in procps

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in procps. Vulnerability Details CVEID: CVE-2018-1126 DESCRIPTION: procps-ng procps is vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially-crafted request, a remote...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability in cURL (CVE-2018-14618)

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in cURL. Vulnerability Details CVEID: CVE-2018-14618 DESCRIPTION: cURL libcurl is vulnerable to a buffer overflow, caused by an integer overflow flaw in the Curlntlmcoremknthash internal function in the NTLM...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability GNU C Library (CVE-2018-11236)

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in GNU C Library. Vulnerability Details CVEID: CVE-2018-11236 DESCRIPTION: GNU glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds of checking by the pathname arguments in the...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libs

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libs. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libs. Vulnerability Details CVEID: CVE-2016-7953 Description: X.Org...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libXrender (CVE-2016-7949 CVE-2016-7950)

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libXrender. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libXrender. Vulnerability Details CVEID: CVE-2016-7949...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libX11.

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libX11. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libX11. CVEID: CVE-2016-7942 Description: X.Org libX11 could allo...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libXv.

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libXv. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libXv. Vulnerability Details CVEID: CVE-2016-5407 Description: X.O...

Command injection

If multiple users are concurrently logged into a single system where one user is sending a command via the Lenovo ToolsCenter Advanced Settings Utility ASU, UpdateXpress System Pack Installer UXSPI or Dynamic System Analysis DSA to a second machine, the other users may be able to see the user ID...

CVE-2017-3743

If multiple users are concurrently logged into a single system where one user is sending a command via the Lenovo ToolsCenter Advanced Settings Utility ASU, UpdateXpress System Pack Installer UXSPI or Dynamic System Analysis DSA to a second machine, the other users may be able to see the user ID...

Credentials sent through the Lenovo ToolsCenter may be exposed to local users - us

Lenovo Security Advisory: LEN-10810 Potential Impact: Sensitive information disclosure Severity: Medium Scope of Impact: Lenovo specific CVE Identifier: CVE-2017-3743 Summary Description: If multiple users are concurrently logged into a single system where one user is sending a command via the...