Amazon Linux: Security Advisory (ALAS-2012-33)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerabilities of iOS and Mac OS X operating systems allow attackers to execute arbitrary code in a privileged context or cause service interruptions.

The vulnerability of the IOKit component in iOS and Mac OS X operating systems arises due to an overflow in the buffer of dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or cause a service failure using a modified PLIST file...

The vulnerability of the Mac OS X operating system allows a hacker to execute arbitrary code in a privileged context.

The vulnerability of the Install Framework Legacy component in the Mac OS X operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to execute arbitrary code in a privileged context through a specially crafted applicatio...

The vulnerability of the Mac OS X operating system allows a hacker to execute arbitrary code in a privileged context.

The vulnerability of the Install Framework Legacy component in the Mac OS X operating system is related to deficiencies in the privilege termination process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context through a specially crafted...

Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation

Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation Vendor Website : http://www.sonicwall.com INDEX --------------------------------------- 1. CVE 2. Background 3. Description 4. Affected Products 5. Solution 6. Credit 7. Disclosure Timeline 1. CVE...

Tomcat/JbossWeb: security manager bypass via EL expressions

It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections...

Tomcat/JbossWeb: security manager bypass via EL expressions

It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections...

The vulnerability of the Flash Player operating system, which allows a hacker to execute arbitrary privileged code

The vulnerability of the IOAcceleratorFamily component in the OS X operating system is related to a range assignment error. Exploiting this vulnerability allows an attacker to execute arbitrary privileged code through a specially crafted application...

Apache Tomcat Security Manager Bypass Vulnerability

Apache Tomcat is a popular open source JSP application server program. Apache Tomcat versions 8.0.0-RC1 through 8.0.15, 7.0.0 through 7.0.57, and 6.0.0 through 6.0.43 have a Security Restriction Bypass vulnerability in the implementation by evaluating expressions in privileged code areas. An...

Fixed in Apache Tomcat 6.0.44

Low: Denial of Service CVE-2014-0230 When a response for a request with a request body is returned to the user agent before the request body is fully read, by default Tomcat swallows the remaining request body so that the next request on the connection may be processed. There was no limit to the...

HP Operations Agent Opcode Stack Buffer Overflow - Ver2 (CVE-2012-2019)

A stack-based buffer overflow vulnerability has been reported in HP Operations Agent. The vulnerability is due to a bound checking error when processing requests containing certain opcodes. A remote attacker can exploit this vulnerability by sending a specially crafted request to the server...

Microsoft July 2014 Patch Tuesday fixes 29 IE Vulnerabilities

Microsoft today issued two critical-, three important-, and one moderate-rated security bulletins in the July edition of its monthly Patch Tuesday release. The updates address 29 security vulnerabilities in the company’s Windows operating system, Internet Explorer browser, and server software. Th...

AMD K6 Processor Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/105/info A bug in Advance Micro Devices K6 processor allows non-privileged code to crash the machine. Under Linux 2.1.x a bug stops this vulnerability. $ cat a.s .text .align 4096 / r1 / .globl start start: movl start, %e...

UBUNTU-CVE-2014-1529

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...

RedHat Update for thunderbird RHSA-2013:1480-01

Check for the Version of thunderbird OpenVAS Vulnerability Test RedHat Update for thunderbird RHSA-2013:1480-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

OpenJDK: RMI registry privileged code execution (RMI, 7083012)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.233 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to...

Oracle Java FileImageInputStream Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific vulnerability is inside the...

Oracle Java ObjectOutputStream Sandbox Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...

Bypass of XrayWrappers using XBL Scopes — Mozilla

Mozilla Developer Bobby Holley and Mozilla security researcher mozbugra4 discovered a mechanism where XBL scopes can be be used to circumvent XrayWrappers from within the Chrome on unprivileged objects. This allows web content to potentially confuse privileged code and weaken invariants and can...

Mozilla Firefox Flash Privileged Code Injection (CVE-2013-0758)

A privileged code injection vulnerability has been reported in Mozilla Firefox...