MGASA-2021-0102 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.19 and fixes at least the following security issues: An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel. A userland application can read the contents of the sigpage, which can leak kernel memory...

ADM - Failed to allocate requested capacity for MPX/SDX or VPX to create in SDX

When multiple pool of licenses Bandwidth/instance are purchased at different points in time, the Service agreement SA date and expiration date are different, causing each pool of licenses to be recognized as separate on Citrix ADM, instead of one combined pool of licenses. This sometimes may caus...

Design/Logic Flaw

A vulnerability in the Secure Sockets Layer SSL VPN feature of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause a denial of service DoS condition that prevents the creation of new SSL/Transport Layer Security TLS connections to an affected...

CVE-2019-12677 Cisco Adaptive Security Appliance Software SSL VPN Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer SSL VPN feature of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause a denial of service DoS condition that prevents the creation of new SSL/Transport Layer Security TLS connections to an affected...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4093-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4093-1 advisory. It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4094-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4094-1 advisory. It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could...

CVE-2013-7023

The ffcombineframe function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted data...

CVE-2013-7023

CVE-2013-7023 affects FFmpeg prior to 2.1 in libavcodec/parser.c, specifically ff_combine_frame, where certain memory-allocation errors are not handled correctly. This can enable remote attackers to cause a denial of service via out-of-bounds accesses, or potentially have other unspecified impact...

Oracle Linux 6 : libxml2 (ELSA-2012-0018)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0018 advisory. - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an allocation error when copying entities CVE-2011-3919 Tenable has...

OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

CVE-2013-2445

CVE-2013-2445 is an unspecified vulnerability in the Java Runtime Environment (JRE)/Hotspot affecting availability via unknown vectors, with a note that it may bypass the Java sandbox through memory allocation error handling. Publicly listed affected products include Oracle Java SE 7 Update 21 an...

CVE-2013-2445

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

CVE-2013-2445

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

Debian: Security Advisory (DSA-1941-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via 1 a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; 2 a corrupted NTFS filesystem, which causes the application to report "memory allocation...

CVE-2007-4036

The CVE-2007-4036 entry concerns Guidance Software EnCase. Affected component: EnCase (Desktop/forensics software). The vulnerability involves three user-assisted remote vectors: (1) corrupted Microsoft Exchange database causing an application crash when many options are selected; (2) corrupted N...