2259 matches found
MyScript SDK for Android Deserialization Code Execution Vulnerability
MyScript SDK for Android is a software development kit for MyScript handwriting input recognition engine based on Android platform. A security vulnerability exists in versions of MyScript SDK for Android prior to version 1.3. The vulnerability can be exploited to execute arbitrary code via the...
CVE-2016-8365
OSIsoft PI System software Applications using PI Asset Framework AF Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit SDK versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI...
CVE-2016-8365
OSIsoft PI System software Applications using PI Asset Framework AF Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit SDK versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI...
Investors concerned about smartphone addiction; Apple responds with new webpage
Hot on the heels of an open letter from investors urging Apple to do more to protect children from smartphone addiction, the tech giant has recently dedicated a page on their website to families. The "Families" page, which can be accessed at apple.com/families, contains tools parents can use to s...
CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2018:0349)
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
SUSE SLES11 Security Update : ncurses (SUSE-SU-2018:0178-1)
This update for ncurses fixes the following issues: Security issue fixed : - CVE-2017-13733: Fix illegal address access in the fmtentry function bsc1056127. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
Denial of Service Vulnerability in Zhejiang Dahua Playback Library SDK (CNVD-2018-01922)
Playback Library SDK is a development kit based on Dahua's private code stream encapsulation protocol developed to serve network DVRs, network video servers, network cameras, network dome cameras, intelligent devices and other products. A denial-of-service vulnerability exists in dhplay.dll in th...
Application fuzzing in the era of Machine Learning and AI
Proactively testing software for bugs is not new. The earliest examples date back to the 1950s with the term fuzzing. Fuzzing as we now refer to it is the injection of random inputs and commands into applications. It made its debut quite literally on a dark and stormy night in 1988. Since then,...
RHEL 6 : java-1.8.0-ibm (RHSA-2017:3453)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3453 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...
CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2017:3392)
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
BlackBerry QNX Software Development Platform Information Disclosure Vulnerability
The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An information disclosure vulnerability exists in the default configuration of QNX SDP in BlackBerry QNX SDP...
BlackBerry QNX Software Development Platform Elevation of Privilege Vulnerability
The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An elevation of privilege vulnerability exists in the default configuration of QNX SDP in BlackBerry QNX SDP...
CVE-2017-9371
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control...
CVE-2017-3892
In BlackBerry QNX Software Development Platform SDP 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs...
Buffer overflow
In BlackBerry QNX Software Development Platform SDP 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks...
CVE-2017-9369
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...
Default configuration
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control...
Information disclosure
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...
CVE-2017-3893 Incomplete vulnerability mitigations
In BlackBerry QNX Software Development Platform SDP 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks...
CVE-2017-9371
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control...