Qemu: VNC: memory corruption due to unchecked resolution limit

An out-of-bounds memory access issue was found in Quick Emulator QEMU in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vncrefreshserversurface'. A user inside a guest could use this flaw to crash the QEMU process...

Qemu: VNC: memory corruption due to unchecked resolution limit

An out-of-bounds memory access issue was found in Quick Emulator QEMU in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vncrefreshserversurface'. A user inside a guest could use this flaw to crash the QEMU process...

FreeBSD : xen-tools -- Cirrus VGA Heap overflow via display refresh (af19ecd0-0f6a-11e7-970f-002590263bf5)

The Xen Project reports : A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Information Disclosure

ng2-webstorage is vulnerable to information disclosure. This is because the key in local storage is not cleared properly after deletion. The stored sensitive information should be deleted after the deletion of a key remains until the page is refreshed...

UBUNTU-CVE-2017-2633

An out-of-bounds memory access issue was found in Quick Emulator QEMU before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vncrefreshserversurface'. A user inside a guest could use this flaw to crash the QEMU process...

etnews.com XSS vulnerability

Vulnerable URL: http://www.etnews.com/tools/refreshscript.html?src='"--!...

Citrix Receiver refreshes and comes to foreground of the screen

Once Receiver is configured with URL it refreshes automatically. Change in refresh rate of the Receiver interrupts users when working on other apps...

Update Rollup 11 for System Center 2012 Virtual Machine Manager Service Pack 1

Update Rollup 11 for System Center 2012 Virtual Machine Manager Service Pack 1 Introduction This article describes the issues that are fixed in Update Rollup 11 for Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 SP1. There is one update available for System Center 2012 SP1...

Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager

Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Virtual Machine Manager. Two updates are available for System Center 2012 R2 Virtual Machine Manager. One update i...

DEBIAN-CVE-2016-5277

Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption by leveraging improper interaction between...

Row Hammer Privilege Escalation - Lenovo Support US

No description provided...

MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016

MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...

The vulnerability of the Firefox ESR browser allows a malicious attacker to execute arbitrary code or trigger a service denial.

Mozilla Firefox ESR’s software contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by manipulating server permissions...

The vulnerability of the Thunderbird email client, which allows a remote attacker to execute arbitrary code or trigger a service denial-of-service attack.

Mozilla Thunderbird’s software contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. If exploited, an attacker can execute arbitrary code or cause service interruptions by manipulating server permissions...

openSUSE Security Update : clamav-database (openSUSE-2016-726)

This update for clamav-database refreshes the database. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-726...

openSUSE Security Update : clamav-database (openSUSE-2016-451)

This update provides a database refresh for the clamav-database. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

Scientific Linux Security Update : sssd on SL7.x x86_64 (20151119)

It was found that SSSD's Privilege Attribute Certificate PAC responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...

RedHat Update for sssd RHSA-2015:2355-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2015-5225

Buffer overflow in the vncrefreshserversurface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service heap memory corruption and process crash or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the serve...

Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface

A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vncrefreshserversurface routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process...