Debian DSA-3627-1 : phpmyadmin - security update

Several vulnerabilities have been fixed in phpMyAdmin, the web-based MySQL administration interface. - CVE-2016-1927 The suggestPassword function relied on a non-secure random number generator which makes it easier for remote attackers to guess generated passwords via a brute-force approach. -...

The vulnerability of the microprogrammed logic controller Siemens Simatic S7-1200 allows a malicious actor to intercept communication sessions.

The software of the Siemens SIMATIC S7-1200 programmable logic controller contains a vulnerability in the random number generator integrated into the authentication handler of the web server. During operation, it is possible to intercept a communication session by adjusting the session identifier...

Security update for qemu (important)

qemu was updated to fix 29 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avoi...

The vulnerability of the Linux operating system, which allows a malicious individual to trigger a service failure

A malfunction in the ANSI pseudo-random number generator leads to the use of a lower entropy, which results in a failure in service...

Enonic XP: source code security analysis report

Several vulnerabilities were discovered in Enonic AS 'Enonic XP' software: Утечка пользовательских данных между сессиями Использование XSL трансформации для исполнения произвольного кода Отсутствие верификации цифровой подписи исполняемых файлов, полученных из недоверенных источников HttpOnly...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1560-1)

qemu was updated to fix 37 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

Juniper Updates ScreenOS: Hopes RNG/NSA Controversy Over

Juniper Networks hopes to remove any clouds of uncertainty that its networking gear might still have a backdoor that could allow the NSA or hackers to snoop on traffic running through its hardware. On Thursday, Juniper completed an update to the way its ScreenOS software handles encryption. Junip...

DEBIAN-CVE-2016-2858

QEMU, when built with the Pseudo Random Number Generator PRNG back-end support, allows local guest OS users to cause a denial of service process crash via an entropy request, which triggers arbitrary stack based allocation and memory corruption...

CVE-2016-2858

QEMU, when built with the Pseudo Random Number Generator PRNG back-end support, allows local guest OS users to cause a denial of service process crash via an entropy request, which triggers arbitrary stack based allocation and memory corruption...

UBUNTU-CVE-2016-2858

QEMU, when built with the Pseudo Random Number Generator PRNG back-end support, allows local guest OS users to cause a denial of service process crash via an entropy request, which triggers arbitrary stack based allocation and memory corruption...

QEMU Denial of Service Vulnerability (CNVD-2016-01541)

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. QEMU has a security vulnerability. Due to an error in the program's handling of requests for random number generation entropy. A local attacker exploited the...

The vulnerability of Google Chrome browser allows a hacker to break the cryptographic protection mechanism.

The vulnerability of the Blink component in Google Chrome’s browser is due to the fact that the random number generator may not function properly. Exploiting this vulnerability allows a remote attacker to break the cryptographic security mechanism...

PHP 7.0.x < 7.0.1 Multiple Vulnerabilities

Binary data 9064.prm...

Debian DSA-3456-1 : chromium-browser - security update

Several vulnerabilities were discovered in the chromium web browser. - CVE-2015-6792 An issue was found in the handling of MIDI files. - CVE-2016-1612 cloudfuzzer discovered a logic error related to receiver compatibility in the v8 JavaScript library. - CVE-2016-1613 A use-after-free issue was...

Unspecified Vulnerability in Google Chrome Blink

Blink is the United States Google Google Inc. and Norway Opens Opera Software company jointly developed a set of browser layout engine rendering engine. A security vulnerability exists in Blink, as used in versions of Google Chrome prior to 48.0.2564.82, which stems from the program not ensuring...

USN-2877-1: Oxide vulnerabilities

A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. CVE-2016-1612 An issue was...

[SECURITY] [DSA 3456-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3456-1 [email protected] https://www.debian.org/security/ Michael Gilbert January 27, 2016 https://www.debian.org/security/faq -...

openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:0250-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-3456-1 chromium-browser - security update

Bulletin has no description...

Security update for Chromium (important)

Chromium was updated to 48.0.2564.82 to fix security issues and bugs. The following vulnerabilities were fixed: - CVE-2016-1612: Bad cast in V8 boo963184 - CVE-2016-1613: Use-after-free in PDFium boo963185 - CVE-2016-1614: Information leak in Blink boo963186 - CVE-2016-1615: Origin confusion in...