Pandora FMS <= 3.1 Authentication Bypass

No description provided by source. + Introduction Pandora FMS for Pandora Flexible Monitoring System is a software solution for monitoring computer networks. It allows monitoring in a visual way the status and performance of several parameters from different operating systems, servers, applicatio...

Adobe Releases Security Updates for Flash Player

US-CERT is aware of active exploitation of a vulnerability in versions of Flash Player which could potentially allow an attacker to take control of an affected system. Adobe has released security updates to address these vulnerabilities. The following updates are available: Flash Player 13.0.0.20...

Microsoft SharePoint Server WAS Memory Corruption Vulnerability (2949660)

This host is missing a critical security update according to Microsoft Bulletin MS14-017. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Android PMS Privilege Escalation Vulnerabilities Found

The first deep look into the security of the Android patch installation process, specifically its Package Management Service PMS, has revealed a weakness that puts potentially every Android device at risk for privilege escalation attacks. Researchers from Indiana University and Microsoft publishe...

linux-flashplugin -- multiple vulnerabilities

Adobe reports: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system...

Ubuntu Releases Security Updates

Ubuntu has released security updates to address a vulnerability in the Mutt E-mail Client for Ubuntu 13.10, 12.10, 12.04 LTS, and 10.04 LTS. This vulnerability may allow an attacker to take control of a system via a crafted email. Users and administrators are encouraged to review Ubuntu Security...

Adobe Flash Player及AIR信息泄露漏洞(CVE-2014-0499)

BUGTRAQ ID: 65703 CVECAN ID: CVE-2014-0499 Adobe Flash Player是一个集成的多媒体播放器。Adobe AIR是针对网络与桌面应用的结合所开发出来的技术，可以不必经由浏览器而对网络上的云端程式做控制。 Adobe Flash Player及AIR在处理含有特制Flash内容的恶意网页时存在多个漏洞，包括栈溢出、内存泄露、双重释放漏洞，未经身份验证的远程攻击者可利用这漏洞获取敏感信息，执行任意代码，最终完全控制受影响系统。 0 Adobe Flash Player 12.0.0.44 Adobe Flash Player...

NVIDIA Graphics Driver Unspecified Privilege Escalation (Windows)

The remote host has a driver installed that is affected by an unspecified, local privilege escalation vulnerability. Using the vulnerability, it may be possible for a local attacker to gain complete control of the system. C Tenable Network Security, Inc. include"compat.inc"; if description...

Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0276)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...

MGASA-2014-0029 Updated flash-player-plugin fixes security vulnerabilities

Adobe Flash Player 11.2.202.335 contains fixes to critical security vulnerabilities found in earlier versions. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves a vulnerability that could be used to bypass Flas...

Apple Safari Webkit Floating Point Data Type Code Execution - Ver2 (CVE-2010-1807)

Safari is a web browsing application developed by Apple. Safari browsing functionality is built around the set of components called WebKit. WebKit is a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. A...

CVE-2013-3900

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the forma...

MS13-098: Vulnerability in Windows Could Allow Remote Code Execution (2893294)

The remote host contains a version of Microsoft Windows that is affected by a remote code execution vulnerability. The vulnerability exists in the method in which the WinVerifyTrust function deals with Windows Authenticode signature verification for portable executable files. An attacker could...

PT-2013-1328

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description The issue is related to the WinVerifyTrust function in Windows, which is associated with the improper verification of PE file digests during Authenticode signature checking. This can allow a...

sudo: bypass of tty_tickets constraints

sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the ttytickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another...

Adobe Reader Multiple Unspecified Vulnerabilities-01 (Sep 2013) - Mac OS X

Adobe Reader is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Windows OLE Remote Code Execution Vulnerability (2876217)

This host is missing a critical security update according to Microsoft Bulletin MS13-070. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Security Updates Available for Adobe Flash Player, Adobe Reader, and Acrobat

Adobe has released security updates for Adobe Flash Player to address multiple vulnerabilities. Adobe has also released security updates for Adobe Reader and Acrobat XI 11.0.03 and earlier versions for Windows and Macintosh to address multiple vulnerabilities. These vulnerabilities could cause a...

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3187)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...

Cisco Releases Multiple Security Advisories

Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow an attacker to take control of the affected system or allow an authenticated but unprivileged, remote attacker to execute arbitrary code on a vulnerable system and on devices managed ...