
9063 matches found

Tenable Nessus
added 2017/03/30 12:0 a.m. | 33 views

VMware Fusion 8.x < 8.5.6 Multiple Vulnerabilities (VMSA-2017-0006) (macOS)

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 8.x prior to 8.5.6. It is, therefore, affected by multiple vulnerabilities: - A heap buffer overflow condition exists due to improper validation of certain input. An attacker on the guest can exploit this to cause a...

8.8 CVSS | 7.9 AI score | 0.01204 EPSS
Exploits: 3 | References: 5
Fedora
added 2017/03/23 6:23 p.m. | 21 views

[SECURITY] Fedora 25 Update: cloud-init-0.7.8-6.fc25

Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install ssh keys and to let the user run various scripts...

2.1 AI score
Exploits: 0
OSV
added 2017/03/23 4:59 p.m. | 2 views

UBUNTU-CVE-2016-6225

xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this...

5.9 CVSS | 6.2 AI score | 0.01123 EPSS
Exploits: 0 | References: 5
CNVD
added 2017/03/21 12:0 a.m. | 3 views

xrdp elevation of privilege vulnerability

xrdp is an open source Remote Desktop Protocol (RDP) server developed by software developer Jay Sorg. An elevation of privilege vulnerability exists in xrdp version 0.9.1, which stems from a failure to properly initialize the PAM session module. An attacker can exploit this vulnerability to cause a...

7.5 CVSS | 7.2 AI score | 0.01177 EPSS
Exploits: 0 | References: 1
OSV
added 2017/03/18 8:59 p.m. | 2 views

UBUNTU-CVE-2017-7178

CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download, install, and enable this plugin...

8.8 CVSS | 7.4 AI score | 0.04036 EPSS
Exploits: 1 | References: 7
OSV
added 2017/03/17 9:59 a.m. | 3 views

DEBIAN-CVE-2017-6967

xrdp 0.9.1 calls the PAM function auth_start_session in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass...

7.3 CVSS | 6.9 AI score | 0.01177 EPSS
Exploits: 0 | References: 1
OSV
added 2017/03/17 9:59 a.m. | 3 views

UBUNTU-CVE-2017-6967

xrdp 0.9.1 calls the PAM function auth_start_session in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass...

7.3 CVSS | 7.1 AI score | 0.01177 EPSS
Exploits: 0 | References: 7
OSV
added 2017/03/15 2:59 p.m. | 7 views

AZL-7170 CVE-2017-6827 affecting package audiofile 0.3.6-27

Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file...

7.8 CVSS | 7.5 AI score | 0.0294 EPSS
Exploits: 0 | References: 1
RedHat Linux
added 2017/03/07 7:5 p.m. | 3 views

tomcat: tomcat writable config files allow privilege escalation

It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges...

7.8 CVSS | 7.3 AI score | 0.00693 EPSS
Exploits: 0 | References: 4
OSV
added 2017/03/01 8:59 p.m. | 4 views

CVE-2016-6485

The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value...

7.5 CVSS | 5.8 AI score | 0.00846 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2017/02/28 12:0 a.m. | 95 views

F5 Networks BIG-IP : Linux kernel SCTP vulnerability (K37510383)

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished. CVE-2015-5283 ...

4.7 CVSS | 6.5 AI score | 0.00549 EPSS
Exploits: 1 | References: 2
seebug.org
added 2017/02/23 12:0 a.m. | 30 views

Axessh 4.2 - Denial Of Service

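Axessh is an SSH tool for Windows. When used, it opens SSH port 22 and starts the wsshed.exe service. When wsshed.exe receives a string, it calls BIGNUM-related functions to process it, but the BIGNUM structure is never given an initial value, which leads to a null pointer dereference and a denial-of-service vulnerability. This vulnerability is analyzed in detail below. One point worth noting: the PoC provided by Exploit-db does trigger the vulnerability, but in fact simply connecting to port 22 triggers it, even if only a single byte is sent. Attach to wsshed.exe, run the PoC, and a break occurs; the location where the vulnerability is triggered is captured here. 0:000 g f74.a68: Access violation - code c00000...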

6.9 AI score
Exploits: 0
OSV
added 2017/02/17 5:34 p.m. | 1 views

USN-3199-2 Python Crypto regression

USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather...

9.8 CVSS | 7.9 AI score | 0.09501 EPSS
Exploits: 1 | References: 2
OSV
added 2017/02/17 2:59 a.m. | 4 views

DEBIAN-CVE-2016-5417

Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures...

7.5 CVSS | 6.9 AI score | 0.03361 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2017/02/17 12:0 a.m. | 46 views

Ubuntu 14.04 LTS / 16.04 LTS : Python Crypto vulnerability (USN-3199-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3199-1 advisory. It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability....

9.8 CVSS | 8.8 AI score | 0.09501 EPSS
Exploits: 1 | References: 2
Ubuntu
added 2017/02/16 11:52 p.m. | 81 views

USN-3199-1: Python Crypto vulnerability

It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter...

9.8 CVSS | 9.1 AI score | 0.09501 EPSS
Exploits: 1
UbuntuCve
added 2017/02/16 12:0 a.m. | 30 views

CVE-2016-5417

Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures...

7.5 CVSS | 7.1 AI score | 0.03361 EPSS
Exploits: 0 | References: 4
Citrix
added 2017/02/15 12:0 a.m. | 16 views

Error code 0x00007E, BSOD, When Creating vdisk - BNIStack Failed, Network Stack Could Not Be Initialized

While capturing a new vdisk using the imaging wizard software you receive a BSOD. This occurs after the first reboot when the master image VM is switched to boot from the network via the local BIOS. The details of the stop error are: BNIStack failed, network stack could not be initialized. Error...

7 AI score
Exploits: 0
CNVD
added 2017/02/14 12:0 a.m. | 0 views

Apple Safari WebKit Memory Initialization Vulnerability

Apple Safari is an American web browser from Apple Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A memory initialization vulnerability exists in Apple Safari WebKit, which allows remote attackers to build malicious web pages that can be exploited to trick...

8.8 CVSS | 8.4 AI score | 0.02043 EPSS
Exploits: 0 | References: 1
0day.today
added 2017/02/06 12:0 a.m. | 55 views

Oracle Java Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the creation of an...

6.8 CVSS | 9.5 AI score | 0.02463 EPSS
Exploits: 1