CVE-2013-4544

CVE-2013-4544 affects QEMU’s VMXNET3 NIC emulation (hw/net/vmxnet3.c) in versions including 2.0.0-rc0, 1.7.1 and earlier. The root cause is improper handling of queue/interrupt state for the VMXNET3 device, enabling a local guest user to trigger a denial of service or potentially execute arbitrar...

Processing malformed PNG by incoming mail handler causes OOM and blocks queue

There are two problems: 1. OOM 2. Incoming email processing is blocked Looks like this is similar problem to JRA-35816, fixed in atlassian-core, but mail handler does not use atlassian-core. It affects production OnDemand, all instances. codejava.lang.OutOfMemoryError: Java heap space Dumping hea...

Processing malformed PNG by incoming mail handler causes OOM and blocks queue

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report|http://jira.atlassian.com/browse/JRASERVER-38028. panel There are two problems: 1. OOM 2. Incoming email processing is blocked Looks like this is similar problem to JRA-35816, fixed i...

UBUNTU-CVE-2013-4544

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to 1 RX or 2 TX queue numbers or 3 interrupt indices. NOTE: some of these details are obtained from third party information...

HackerOne: creating titleless and non-closable bugs

Hi, I just found that it's possible to create titleless and non-closable bugs by prepending values for the 'reporttitle' and 'reportvulnerabilityinformation' parameters with '%00' characters respectively. To reproduce: - Create a baseline request via https://hackerone.com/program/reports/new -...

Fedora Update for kernel FEDORA-2014-4360

Check for the Version of kernel OpenVAS Vulnerability Test Fedora Update for kernel FEDORA-2014-4360 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

kernel: vhost-net: insufficient handling of error conditions in get_rx_bufs()

The getrxbufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux RHEL 6 does not properly handle vhostgetvqdesc errors, which allows guest OS users to cause a denial of service host OS crash via unspecified...

wireshark: MQ dissector crash (wnpa-sec-2013-58, upstream bug 9079)

The dissectmqrr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service application crash via a crafted packet...

DEBIAN-CVE-2014-0055

The getrxbufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux RHEL 6 does not properly handle vhostgetvqdesc errors, which allows guest OS users to cause a denial of service host OS crash via unspecified...

CVE-2014-2568

Use-after-free vulnerability in the nfqnlzcopy function in net/netfilter/nfnetlinkqueuecore.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the...

KLA10430 RCE vulnerability in Free Download Manager

A lack of size assertion was found in Free Download Manager. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely at a point related to the download queue via a specially designed object name. Original advisories RCESecueity...

CVE-2013-7301

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue...

Information disclosure

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue...

CVE-2013-7301

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue...

UBUNTU-CVE-2013-7301

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue...

Solaris 9 (x86) : 142848-04

Message Queue 4.4 Update 2 Patch 1x86 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Nov/19/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Solaris 9 (sparc) : 142846-04

Message Queue 4.4 Update 2 Patch 1 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Nov/19/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Solaris 10 (x86) : 127413-16 (deprecated)

Message Queue 4.1 Update 4 Patch 6x86 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 This plugin has been deprecated and either replaced with individual 127413 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security,...

Solaris 9 (sparc) : 127411-16

Message Queue 4.1 Update 4 Patch 6 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Solaris 10 (sparc) : 127411-16 (deprecated)

Message Queue 4.1 Update 4 Patch 6 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 This plugin has been deprecated and either replaced with individual 127411 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, In...