CVE-2016-0260

Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service heap memory consumption by triggering many errors...

CVE-2016-0260

Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service heap memory consumption by triggering many errors...

Command injection

runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3572)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3572 advisory. 2.6.39-400.280.1 - Fix cpu bootup stall with large cpu count Zhenzhong Duan Orabug: 23481040 - megaraidsas : Update threshold based reply post host index...

Unbreakable Enterprise kernel security update

2.6.39-400.280.1 - Fix cpu bootup stall with large cpu count Zhenzhong Duan Orabug: 23481040 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23536267 2.6.39-400.279.1 - IPoIB: increase send queue size to 4 times Ajaykumar Hotchandani Orabug...

IBM WebSphere MQ Arbitrary Command Execution Vulnerability

IBM WebSphere MQ is a messaging middleware product. An arbitrary command execution vulnerability exists in IBM WebSphere MQ, which can be exploited by a local attacker to execute arbitrary commands with elevated privileges...

IBM WebSphere MQ for IBM i Password Acquisition Vulnerability

IBM WebSphere MQ is a messaging middleware product. A password acquisition vulnerability exists in the IBM WebSphere MQ mqcertck tool, which can be exploited by a local attacker to decrypt other MQ administrator passwords with administrator privileges...

kernel security and bug fix update

3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...

The vulnerability of the Xymon network monitoring software allows a intruder to input arbitrary messages.

The vulnerability in the lib/xymondipc.c file of the network monitoring software Xymon is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to insert arbitrary messages into the queue...

DEBIAN-CVE-2016-2544

Race condition in the queuedelete function in sound/core/seq/seqqueue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service use-after-free and system crash by making an ioctl call at a certain time...

CVE-2016-2416

libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive information, and consequently bypass an unspecified...

UBUNTU-CVE-2016-2416

libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive information, and consequently bypass an unspecified...

CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...

DEBIAN-CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...

UBUNTU-CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...

CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...

CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...

The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information or bypass security mechanisms

The vulnerability of the BnGraphicBufferProducer::onTransact function libs/gui/IGraphicBufferConsumer.cpp in the mediaserver component of the Android operating system exists due to the lack of initialization for certain input data structures. Exploiting this vulnerability could allow an attacker ...

jenkins: Queue API did show items not visible to the current user (SECURITY-186)

Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api...

Android mediaserver security bypass vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. mediaserver is one of the multimedia service components. A security vulnerability exists in the 'BnGraphicBufferProducer::onTransact' function in the...