ISC BIND 9.9.6-S2 DNSSEC Validation DoS

According to its self-reported version number, the remote installation of BIND via DNSco is potentially affected by a denial of service vulnerability due to an error relating to DNSSEC validation and the managed-keys feature. A remote attacker can trigger an incorrect trust-anchor management...

libyaml: assert failure when processing wrapped strings

An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash...

Design/Logic Flaw

named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service assertion failure and daemon exit, or daemon crash by triggering an incorrect trust-anchor...

CXF: Improper security semantics enforcement of SAML SubjectConfirmation methods

It was found that Apache WSS4J Web Services Security for Java, as used by Apache CXF with the TransportBinding, did not, by default, properly enforce all security requirements associated with SAML SubjectConfirmation methods. A remote attacker could use this flaw to perform various types of...

Amazon Linux AMI : perl-YAML-LibYAML (ALAS-2015-482)

An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

Medium: libyaml

Issue Overview: An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. CVE-2014-9130 Affected Packages: libyaml Issue Correction: Run yum...

Moderate: Red Hat Security Advisory: libyaml security update

Updated libyaml packages that fix one security issue are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

libyaml: assert failure when processing wrapped strings

An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash...

Scientific Linux Security Update : libyaml on SL6.x, SL7.x i386/x86_64 (20150128)

An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. CVE-2014-9130 All running applications linked against the libyaml library must be...

RedHat Update for libyaml RHSA-2015:0100-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libyaml security update

CentOS Errata and Security Advisory CESA-2015:0100 Updated libyaml packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

libyaml: assert failure when processing wrapped strings

An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash...

PT-2022-22462 · Monetdb +1 · Monetdb Database Server +1

Name of the Vulnerable Software and Affected Versions: MonetDB Database Server version 11.43.13 Description: The assertion stmt-Dbc-FirstStmt failed in the MonetDB Database Server. Recommendations: For MonetDB Database Server version 11.43.13, at the moment, there is no information about a newer...

Unspecified Vulnerability in Oracle OpenSSO SAML Subpart (CNVD-2015-00552)

OpenSSO project is an open source implementation of SSO Single Sign-On for Web applications deployed on different Web or different servers to provide centralized authentication capabilities . Oracle OpenSSO SAML subcomponent has a security vulnerability that allows remote attackers to exploit the...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark6)

The remote Solaris system is missing necessary patches to address security updates : - The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service application crash via a crafted packet. CVE-2013-492...

Oracle Solaris Third-Party Patch Update : bind (cve_2011_4313_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial o...

CVE-2014-6386

Juniper Junos 11.4 before 11.4R8, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R9, 12.3R2 before 12.3R2-S3, 12.3 before 12.3R3, 13.1 before 13.1R4, and 13.2 before 13.2R1 allows remote attackers to cause a denial o...

MGASA-2015-0004 Updated python-yaml packages fix security vulnerability

Updated python-yaml packages fix security vulnerability: Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using...

Updated python-yaml packages fix security vulnerability

Updated python-yaml packages fix security vulnerability: Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using...

[SECURITY] [DLA 127-1] pyyaml security update

Package : pyyaml Version : 3.09-5+deb6u1 CVE ID : CVE-2014-9130 Debian Bug : 772815 Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into...