1087 matches found
PYSEC-2014-107
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
Code injection
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
CVE-2014-5251
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
UBUNTU-CVE-2014-5251
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
qemu: hpet: buffer overrun on invalid state load
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...
Monsanto Suffers Data Breach at Precision Planting Unit
Monsanto, the massive international agricultural conglomerate, has disclosed a data breach that involved the personal information of customers and employees of its Precision Planting subsidiary. The breach included names, addresses, possibly Social Security numbers and some financial account...
DotItYourself 6.11.060830 Command Execution
Remote Command Execution on DotItYourself + Date: 26/03/2014 + Risk: High + Author: Felipe Andrian Peixoto + Contact: [email protected] + Tested on Windows 7 and Linux + Software info : https://www.precisionwebhosting.com/cgi.htm + Vulnerable File: dot-it-yourself.cgi + Version : Version...
array index error in dtoa implementation of many products
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
UBUNTU-CVE-2013-4527
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...
CVE-2013-3582
Buffer overflow in Dell BIOS on Dell Latitude D, E, XT2, and Z600 devices, and Dell Precision M devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in...
Buffer overflow
Buffer overflow in Dell BIOS on Dell Latitude D, E, XT2, and Z600 devices, and Dell Precision M devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in...
CVE-2013-3582
CVE-2013-3582 describes a buffer overflow in Dell BIOS updates that affects Latitude D530/D531/D630/D631/D830, E5400/E5500/E4200/E4300/E6400/E6400 ATG/XFR, XT2, Z600, and Precision M2300/M4300/M6300/M6400/M6500/M2400/M4400; the flaw is in rbu_packet.pktNum and rbu_packet.pktSize handling, allowin...
Fedora Update for libtommath FEDORA-2013-14482
Check for the Version of libtommath OpenVAS Vulnerability Test Fedora Update for libtommath FEDORA-2013-14482 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Fedora Update for libtommath FEDORA-2013-14488
Check for the Version of libtommath OpenVAS Vulnerability Test Fedora Update for libtommath FEDORA-2013-14488 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
[SECURITY] Fedora 18 Update: libtommath-0.42.0-2.fc18
A free open source portable number theoretic multiple-precision integer library written entirely in C. phew!. The library is designed to provide a simple to work with API that provides fairly efficient routines that build out of the box without configuration...
Dell BIOS in some Latitude laptops and Precision Mobile Workstations vulnerable to buffer overflow
Overview: Dell BIOS in some older Latitude laptops and Precision Mobile Workstations are vulnerable to buffer overflows (CWE-119), which can bypass the signed BIOS enforcement standard. Description: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer. Dell BIOS in some olde...
Cisco Jabber Video Engine Denial of Service Vulnerability
A vulnerability in Cisco's Precision Video Engine (CVPE) code could allow an unauthenticated, remote attacker to cause the crash of various processes and the disconnection of any active calls. The vulnerability is due to improper handling of crafted Real-Time Protocol (RTP) packets sent at a high rat...
Oracle Java Security Enhancements Get Mixed Reviews
Oracle is working hard to restore some faith in the security of the Java browser plug-in with a number of enhancements announced yesterday, specifically to in-house code testing, as well as policy changes regarding signed applets and certificate validation. But after a miserable year of targeted...