1683 matches found
CVE-2014-7813
CVE-2014-7813 affects Red Hat CloudForms 3 Management Engine (CFME). The vulnerability allows remote authenticated users to cause a denial of service (resource consumption) through crafted usage involving Ruby on Rails .to_sym calls and lack of garbage collection for inserted symbols. CVSS metric...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
SUSE-SU-2017:2175-1 Security update for java-1_8_0-openjdk
This java-180-openjdk update to version jdk8u141 icedtea 3.5.0 fixes the following issues: Security issues fixed: - CVE-2017-10053: Improved image post-processing steps bsc1049305 - CVE-2017-10067: Additional jar validation steps bsc1049306 - CVE-2017-10074: Image conversion improvements bsc10493...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
5 Ways to Use Log Data to Analyze System Performance
Analyzing System Performance Using Log Data Recently we examined some of the most common behaviors that our community of 25,000 users looked for in their logs, with a particular focus on web server logs. In fact, our research identified the top 15 web server tags and alerts created by our...
Updated thunderbird packages fix security vulnerability
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. CVE-2017-5400 A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may...
flash-plugin: multiple code execution issues fixed in APSB17-07
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3001
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3001
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3001
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution...
Mozilla: Memory corruption during JavaScript garbage collection incremental sweeping (MFSA 2017-06)
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Mozilla Thunderbird < 45.8 Multiple Vulnerabilities (macOS)
The version of Mozilla Thunderbird installed on the remote macOS or Mac OS X host is prior to 45.8. It is, therefore, affected by multiple vulnerabilities : - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, Andre Bargull, Kan-Ru...
[ASA-201703-3] firefox: multiple issues
Arch Linux Security Advisory ASA-201703-3 ========================================= Severity: Critical Date : 2017-03-10 CVE-ID : CVE-2017-5398 CVE-2017-5399 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5403 CVE-2017-5404 CVE-2017-5405 CVE-2017-5406 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410...
Mozilla Firefox < 52.0 Multiple Vulnerabilities
The version of Mozilla Firefox installed on the remote Windows host is prior to 52.0. It is, therefore, affected by multiple vulnerabilities : - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, Andre Bargull, Kan-Ru Chen, and...
Mozilla: Memory corruption during JavaScript garbage collection incremental sweeping (MFSA 2017-06)
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...