Ubuntu 14.10 : linux vulnerabilities (USN-2518-1)

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2515-1)

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

USN-2518-1: Linux kernel vulnerabilities

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

Linux Kernel ASLR Integer Overflow Vulnerability

Linux kernel is an open source operating system. The Linux kernel ASLR implementation suffers from an integer overflow that allows an attacker to exploit a vulnerability to crash an application or execute arbitrary code...

Linux Kernel ASLR Implementation Insufficient Moisture Vulnerability

Linux Kernel is an open source operating system. The Linux Kernel ALSR implementation suffers from an insufficient moisture problem that allows attackers to exploit vulnerabilities to bypass security restrictions through brute force techniques for further attacks...

Microsoft Office ASLR Security Bypass Vulnerability

Microsoft Office is a popular office software suite developed by Microsoft. Microsoft Office has a security vulnerability in the handling of Office documents that allows an attacker to bypass ASLR security protections and gain access to sensitive information about the stack memory layout, which c...

Microsoft Office Shared Component ASLR Bypass (MS15-013; CVE-2014-6362)

A security feature bypass vulnerability exists in Microsoft Office Shared Component. The vulnerability is due to an improper implementation of Address Space Layout Randomization ASLR by MSCOMCTL common controls library used by Microsoft Office software. A remote attacker can exploit this issue by...

Microsoft Internet Explorer CSS Regions Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

MS15-009: Description of the security update for JScript9.dll in Internet Explorer: February 10, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage.SummaryThis article describes the cumulative security update for JScript9.dll in Internet Explorer that is dated February 10, 2015. This security update resolves an iss...

USN-2492-1: Linux kernel vulnerabilities

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage TLS implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization ASLR protection mechanism. A local user could exploit this fla...

USN-2490-1: Linux kernel vulnerabilities

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage TLS implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization ASLR protection mechanism. A local user could exploit this fla...

Ubuntu: Security Advisory (USN-2492-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome Blink Denial of Service Vulnerability (CNVD-2015-00709)

Google Chrome is a popular WEB browser. A vulnerability in the font implementation of the RenderTable::simplifiedNormalFlowLayout function in Google Chrome Blink core/rendering/RenderTable.cpp allows attackers to construct malicious WEB pages that can be tricked into being parsed by the user,...

Out-of-bounds

The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified...

CVE-2014-7946

Removed by vendor...

UBUNTU-CVE-2014-7946

The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified...

DEBIAN-CVE-2014-9585

The vdsoaddr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD...

Android Studio - The official Android IDE

Android Studio is the official IDE for Android application development, based on IntelliJ IDEA. On top of the capabilities you expect from IntelliJ, Android Studio offers: Flexible Gradle-based build system Build variants and multiple apk file generation Code templates to help you build common ap...

[SECURITY] Fedora 21 Update: graphviz-2.38.0-11.fc21

A collection of tools for the manipulation and layout of graphs as in nodes and edges, not as in barcharts...