16 matches found
SIEMENS BFCClient has multiple vulnerabilities
SIEMENS BFCClient provides equipment networking services that help manufacturing companies reduce costs and improve efficiency through equipment data collection, visualization and analysis. SIEMENS BFCClient has multiple vulnerabilities that can be exploited by attackers to read memory...
Evasive Ransomware Attacks Using Low-Level Behavioral Adversarial Examples
Protecting state-of-the-art AI-based cybersecurity defense systems from cyber attacks is crucial. Attackers create adversarial examples by adding small changes, i.e., perturbations, to the attack features to evade or fool the deep learning model. This paper introduces the concept of low-level...
Dell OpenManage Server Administrator input validation error vulnerability
Dell OpenManage Server Administrator (Dell OMSA) is a software agent from Dell (USA) that provides a comprehensive one-to-one systems management solution in two ways. An input validation error vulnerability exists in Dell OpenManage Server Administrator version 11.0.1.0 and prior versions, which...
CVE-2024-5823
A CVE-2024-5823 entry concerns a file overwrite vulnerability in gaizhenbiao/chuanhuchatgpt versions <= 20240410. The root cause: an insecure file handling path enables an attacker to overwrite critical configuration files, which can lead to unauthorized changes in system behavior or security ...
USN-5936-1: Samba vulnerabilities
Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...
USN-5822-1: Samba vulnerabilities
It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad password lockouts. This issue was only addressed in Ubuntu 22.10. CVE-2021-20251 Evgeny Legerov discovered that Samba incorrectly handled buffers in certai...
OPENSUSE-SU-2021:0682-1 Security update for redis
This update for redis fixes the following issues: redis 6.0.13 CVE-2021-29477: Integer overflow in STRALGO LCS command boo1185729 CVE-2021-29478: Integer overflow in COPY command for large intsets boo1185730 Cluster: Skip unnecessary check which may prevent failure detection Fix performance...
openSUSE Security Update : MozillaThunderbird (openSUSE-2017-1144)
Mozilla Thunderbird was updated to 52.4.0 boo1060445 - new behavior was introduced for replies to mailing list posts: 'When replying to a mailing list, reply will be sent to address in From header ignoring Reply-to header'. A new preference mail.overridelistreplyto allows to restore the previous...
Fedora 24 : phpMyAdmin (2017-294c23bb1d)
Welcome to phpMyAdmin 4.6.6, a release containing security and bug fixes. This release includes many security fixes of various levels of severity. We recommend all users upgrade to this release immediately. For full information on the vulnerabilities fixed and mitigation factors for users who are...
Security update for MozillaThunderbird (important)
This update for MozillaThunderbird fixes some potential security issues and bugs. The following security flaws cannot be exploited through email because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts: - CVE-2016-9079: SVG Animation Remote Co...
MS16-088: Description of the security update for Excel 2013: July 12, 2016
MS16-088: Description of the security update for Excel 2013: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...
MS16-077: Description of the security update for WPAD: June 14, 2016
MS16-077: Description of the security update for WPAD: June 14, 2016 Summary This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process ...
OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0048)
The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317817 - Restore functionality of pamsshagentauth in FIPS mode 1278315 - Initialize devicesdone variable for challenge response 128146...
openssh security, bug fix, and enhancement update
5.3p1-117 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317817 5.3p1-116 - Restore functionality of pamsshagentauth in FIPS mode 1278315 - Initialize devicesdone variable for challenge response 1281468 - Update behaviour of X11 forwarding to match upstream 1299048 5.3p1-115 ...
Fedora 15 : feh-1.14.1-1.fc15 (2011-8750)
Changes since 0.10.1 : - Bug fixes Make zoomdefault key work properly with --geometry Only create caption directory when actually writing out a caption. read directory contents sorted by filename instead of 'randomly' as returned by readdir by default. Thanks talisein! Show certain warnings in th...
Ubuntu 10.04 LTS : libvirt regression (USN-1008-4)
USN-1008-1 fixed vulnerabilities in libvirt. The upstream fixes for CVE-2010-2238 changed the behavior of libvirt such that the domain XML could not specify 'hostdevice' as the qemu sub-type. While libvirt 0.8.3 and later will no longer support specifying this sub-type, this update restores the old...