PT-2016-5648 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.5.2 Description: The issue concerns the arch pick mmap layout function in the Linux kernel, which fails to properly randomize the legacy base address. This makes it easier for local users to bypass the ASLR...

CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes ESI responses, related to incorrect use of assert and compiler optimization...

Stack overflow

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes ESI responses, related to incorrect use of assert and compiler optimization...

CVE-2016-4053

CVE-2016-4053 in Squid allowed public information disclosure of the server stack layout when processing ESI responses. The issue is documented across multiple advisories (Debian, Red Hat/CentOS, Fedora, Amazon ALAS) with fixes in various branches: Debians fixed squid3 3.1.20-2.2+deb7u5; Jessie/St...

CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes ESI responses, related to incorrect use of assert and compiler optimization...

UBUNTU-CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes ESI responses, related to incorrect use of assert and compiler optimization...

squid: multiple issues

CVE-2016-4051 denial of service Due to incorrect buffer management Squid cachemgr.cgi tool is vulnerable to a buffer overflow when processing remotely supplied inputs relayed to it from Squid. - CVE-2016-4052 denial of service Due to buffer overflow issues Squid is vulnerable to a denial of...

CVE-2016-3971

Cross-site scripting XSS vulnerability in lucenesearch.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout...

The vulnerability of the Silverlight software platform, which allows a hacker to bypass the ASLR protection mechanism

The vulnerability of the Silverlight software platform is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using a specially crafted web page...

The vulnerability of the Silverlight software platform, which allows a hacker to bypass the ASLR protection mechanism

The vulnerability of the Silverlight software platform is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using a specially crafted web page...

Illustrated CVE-2 0 1 5-1 8 0 5-vulnerability warning-the black bar safety net

CVE-2 0 1 5-1 8 0 5 is a General-purpose linux kernel to any address write arbitrary value of vulnerability, this vulnerability worthy of commemoration, here with four double figure intuitive description about it: ! The initial memory layout ! First copy ! redo the second copy after ! Third copy...

WordPress MiniMax Plugin <= 2.0.2 - Cross Site Scripting

This vulnerability is in ./page-layout-builder/includes/layout-settings.php. Solution Update the plugin...

flashplugin: multiple issues

CVE-2016-1006 JIT spraying mitigation bypass These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations. - CVE-2016-1015 CVE-2016-1019 arbitrary code execution These updates resolve type confusion vulnerabilities that could...

CVE-2016-1006

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data...

UBUNTU-CVE-2016-1006

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data...

flash-plugin: multiple code execution issues fixed in APSB16-10

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data...

Adobe Flash Player Memory Misreference Vulnerability (CNVD-2016-02105)

Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product supports cross-screen and browser viewing of applications, content and videos. A memory misreference vulnerability exists in Adobe Flash Player. An attacker could exploit this vulnerability to...

Linux ASLR Disablement Vulnerability

Linux ASLR address space layout randomization is a set of mechanisms for controlling memory address randomization in Linux systems. A security vulnerability exists in the Linux ASLR implementation. An attacker can exploit this vulnerability by setting the RLIMITSTACK resource to 'unlimited' to...

PIP Collage Maker Photo Layout - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application PIP Collage Maker Photo Layout published at the 'play' market has multiple vulnerabilities...

Photo Collage - Layout Editor - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Photo Collage - Layout Editor published at the 'play' market has multiple vulnerabilities...