CVE-2016-7949

Multiple buffer overflows in the 1 XvQueryAdaptors and 2 XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields...

CVE-2016-7943

The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations...

CVE-2016-7943

The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations...

CVE-2016-7949

Multiple buffer overflows in the 1 XvQueryAdaptors and 2 XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields...

CVE-2016-7947

Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response...

CVE-2016-7943

The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations...

The vulnerability of Google Chrome browser allows a perpetrator to bypass the sandboxing mechanism or trigger a service failure.

The common/partialcircularbuffer.cc file in Google Chrome’s browser contains errors when dealing with pointers. As a result, attackers may bypass the sandbox mechanism or cause failures in the processing of large data writes using the PartialCircularBuffer::Write and PartialCircularBuffer::DoWrit...

CVE-2015-3085

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on...

Design/Logic Flaw

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on...

Design/Logic Flaw

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on...

CVE-2015-3082

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on...

CVE-2015-3085

CVE-2015-3085 is a remote-write-bypass vulnerability in Adobe Flash Player and related AIR components. Affects Flash Player before 13.0.0.289 and 14.x up to 17.x before 17.0.0.188 (Windows/macOS) and before 11.2.202.460 (Linux), as well as Adobe AIR before 17.0.0.172, and AIR SDKs before 17.0.0.1...

CVE-2014-4380

The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application...

CVE-2014-4381

CVE-2014-4381 (Libnotify) affects Apple TV 3rd generation and later (before TV OS 7). The vulnerability is an out-of-bounds write in Libnotify, enabling a crafted application to execute arbitrary code with root privileges. Public docs mention this CVE among Apple TV 7 updates; remediation is to i...

CVE-2014-0196

The nttywrite function in drivers/tty/ntty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service memory corruption and system crash or gain privileges by triggering a race condition...

CVE-2013-5550

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549...

Hardcoded credentials

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549...

samba3x security and bug fix update

3.6.6-0.136 - resolves: 984807 - CVE-2013-4124: DoS via integer overflow when reading an EA list 3.6.6-0.135 - Fix PIDL parsing with newer versions of gcc. - Fix dereferencing a unique pointer in the WKSSVC server. - resolves: 982484 3.6.6-0.134 - Check for system libtevent and require version...

CVE-2013-2140

The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports the 1 BLKIFOPDISCARD aka discard...

CVE-2013-2140

The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports the 1 BLKIFOPDISCARD aka discard...