
7640 matches found

Xen Project
added 2017/11/28 12:0 p.m. | 583 views

x86: infinite loop due to missing PoD error checking

ISSUE DESCRIPTION: Failure to recognize errors being returned from low level functions in Populate on Demand (PoD) code may result in higher level code entering an infinite loop. IMPACT: A malicious HVM guest can cause one pcpu to permanently hang. This normally cascades into the whole system freezin...

CVSS 6.5 | AI score 6.9 | EPSS 0.00438
Exploits: 0 | Affected Software: 1

Fedora
added 2017/11/20 1:4 a.m. | 35 views

[SECURITY] Fedora 27 Update: roundcubemail-1.3.3-1.fc27

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

CVSS 7.8 | AI score 0.2 | EPSS 0.42831
Exploits: 5

Fedora
added 2017/11/19 11:17 p.m. | 29 views

[SECURITY] Fedora 26 Update: roundcubemail-1.3.3-1.fc26

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

CVSS 7.8 | AI score 0.2 | EPSS 0.42831
Exploits: 5

Prion
added 2017/11/17 3:29 a.m. | 15 views

Heap overflow

Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop while pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow...

CVSS 7.5 | AI score 9.4 | EPSS 0.02462
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2017/11/17 3:0 a.m. | 12 views

CVE-2017-1000173

Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop while pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow...

AI score 9.6 | EPSS 0.02462
Exploits: 1 | References: 1

NVD
added 2017/11/16 10:29 p.m. | 18 views

CVE-2017-11085

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in msmaudioeffectsvirtualizerhandler, file msm-audio-effects-q6-v2.c...

CVSS 7.8 | AI score 7.5 | EPSS 0.00137
Exploits: 0 | References: 1

Prion
added 2017/11/16 10:29 p.m. | 17 views

Integer overflow

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in msmaudioeffectsvirtualizerhandler, file msm-audio-effects-q6-v2.c...

CVSS 4.6 | AI score 8 | EPSS 0.00137
Exploits: 0 | References: 1

Cvelist
added 2017/11/16 10:0 p.m. | 23 views

CVE-2017-11085

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in msmaudioeffectsvirtualizerhandler, file msm-audio-effects-q6-v2.c...

AI score 7.4 | EPSS 0.00137
Exploits: 0 | References: 1

RedHat Linux
added 2017/11/16 7:10 p.m. | 107 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.18 security update

An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 9.1 | AI score 6.7 | EPSS 0.95707
Exploits: 19 | References: 10

CNVD
added 2017/11/16 12:0 a.m. | 2 views

Huawei Honor 8 Buffer Overflow Vulnerability

The Huawei Honor 8 is a smartphone from the Chinese company Huawei. The Huawei Honor 8 suffers from a buffer overflow vulnerability due to a lack of parameter checking in the phone's CameraISP driver. An attacker exploits the vulnerability by tricking users into installing a malicious...

CVSS 7.1 | AI score 7.2 | EPSS 0.00703
Exploits: 0 | References: 1

NVD
added 2017/11/14 4:29 p.m. | 16 views

CVE-2017-6275

An information disclosure vulnerability exists in the Thermal Driver, where missing bounds checking in the thermal driver could allow a read from an arbitrary kernel address. This issue is rated as moderate. Product: Pixel. Versions: N/A. Android ID: A-34702397. References: N-CVE-2017-6275...

CVSS 7.5 | AI score 6.7 | EPSS 0.00412
Exploits: 0 | References: 2

Cvelist
added 2017/11/14 4:0 p.m. | 23 views

CVE-2017-6275

An information disclosure vulnerability exists in the Thermal Driver, where missing bounds checking in the thermal driver could allow a read from an arbitrary kernel address. This issue is rated as moderate. Product: Pixel. Versions: N/A. Android ID: A-34702397. References: N-CVE-2017-6275...

AI score 6.8 | EPSS 0.00412
Exploits: 0 | References: 2

Kitploit
added 2017/11/14 1:5 p.m. | 14 views

Cr3dOv3r - Know The Dangers Of Credential Reuse Attacks

Your best friend in credential reuse attacks. Simply give Cr3dOv3r an email and it does two simple but useful jobs: it searches for public leaks for the email and, if there are any, returns all available details about the leak using the hacked-emails site API. Now you give it this email's old or...

AI score 7.2
Exploits: 0 | References: 2

Prion
added 2017/11/09 12:29 a.m. | 16 views

Buffer overflow

A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrari...

CVSS 6.5 | AI score 8.5 | EPSS 0.06243
Exploits: 0 | References: 5 | Affected Software: 2

UbuntuCve
added 2017/11/09 12:29 a.m. | 25 views

CVE-2017-16671

A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrari...

CVSS 8.8 | AI score 7.2 | EPSS 0.03344
Exploits: 0 | References: 5

Tenable Nessus
added 2017/11/06 12:0 a.m. | 221 views

SSH Compression Error Checking

The remote host supports algorithms that can use compression. But when ssh attempts to use compression for that communication, the connections do not succeed. TRUSTED...

AI score 5.9
Exploits: 0

OpenVAS
added 2017/10/20 12:0 a.m. | 21 views

ILIAS Detection (HTTP)

HTTP based detection of ILIAS eLearning. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.140443");...

AI score 5.3
Exploits: 0 | References: 1

Cisco
added 2017/10/18 4:0 p.m. | 58 views

Cisco Jabber for Windows Client Information Disclosure Vulnerability

A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input- and validation-checking mechanism...

CVSS 5.5 | AI score 5.3 | EPSS 0.00357
Exploits: 0 | References: 1

seebug.org
added 2017/10/13 12:0 a.m. | 40 views

Hancom Hangul HCell HncChart CFormulaTokenSizeModifier Code Execution Vulnerability(CVE-2016-4295)

Description: This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office is published by Hancom, Inc. and is considered one of the more popular Office suites used within South Korea. When opening a Hangul Hcell Document .cell and...

CVSS 6.8 | AI score 7.8 | EPSS 0.02214
Exploits: 2

seebug.org
added 2017/10/13 12:0 a.m. | 36 views

Hancom Hangul Office HShow!NXDeleteLineObj+0x53692 Code Execution Vulnerability(CVE-2016-4291)

Description: This vulnerability was discovered within the Hangul HShow application which is part of the Hangul Office Suite. Hangul Office is published by Hancom, Inc. and is considered one of the more popular Office suites used within South Korea. When opening a Hangul HShow Document .hpt and...

CVSS 6.8 | AI score 8.1 | EPSS 0.02116
Exploits: 2