7640 matches found
CVE-2017-9678
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy...
home.mathscore.com XSS vulnerability
Vulnerable URL: http://home.mathscore.com/mathscore/user/loginForm.php?logout=1=%3Cimg%20src=x%20onerror=prompt%28/OPENBUGBOUNTY/%29%3E Details: Patched: No; Latest check for patch: 14.11.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Ran...
PostgreSQL 9.2.x < 9.2.22 / 9.3.x < 9.3.18 / 9.4.x < 9.4.13 / 9.5.x < 9.5.8 / 9.6.x < 9.6.4 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 9.2.x prior to 9.2.22, 9.3.x prior to 9.3.18, 9.4.x prior to 9.4.13, 9.5.x prior to 9.5.8, or 9.6.x prior to 9.6.4. It is, therefore, affected by multiple vulnerabilities: - An authentication bypass flaw exists in that an empty password i...
Oracle Linux 7 : gtk-vnc (ELSA-2017-2258)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2258 advisory. - CVE-2017-5884 - fix bounds checking for RRE, hextile and copyrect encodings rhbz 1425367 Tenable has extracted the preceding description block direct...
kernel: NFSv3 server does not properly handle payload bounds checking of WRITE requests
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and...
gtk-vnc security, bug fix, and enhancement update
0.7.0-2 - Fix reserved data size rhbz 1416783 - Fix inverted args in tests rhbz 1416783 - Avoid sign extension problems rhbz 1416783 - Fix crash with opening via GSocketAddress rhbz 1416783 - Fix crash & error reporting during connection timeout rhbz 1441120 - Fix incompatibility with libvncserve...
Updated tcpdump package fixes security vulnerability
Security issue due to insufficient bounds checking for STP CVE-2017-11108...
MGASA-2017-0241 Updated tcpdump package fixes security vulnerability
Security issue due to insufficient bounds checking for STP CVE-2017-11108...
dnsmasq: Improper bounds checking leads to a buffer overread
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...
About the security content of iTunes 12.6.2 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
About the security content of watchOS 3.2.3 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
About the security content of iOS 10.3.3
About the security content of iOS 10.3.3 This document describes the security content of iOS 10.3.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
About the security content of watchOS 3.2.3
About the security content of watchOS 3.2.3 This document describes the security content of watchOS 3.2.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
About the security content of iCloud for Windows 6.2.2
About the security content of iCloud for Windows 6.2.2 This document describes the security content of iCloud for Windows 6.2.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
Multiple Cross-Site Request Forgery (CSRF)
Moodle is vulnerable to multiple cross-site request forgery (CSRF) attacks. The attacks exist because mod/assign/locallib.php does not properly handle session checking in Assignment's quick-grading, allowing any authenticated user to perform the attacks...
Apache OpenMeetings Denial of Service Vulnerability
Apache OpenMeetings is audio and video conferencing software. A security vulnerability exists in how Apache OpenMeetings checks the content of uploaded files, allowing remote attackers to submit multiple specially crafted files to cause a denial of service...
CentOS Update for httpd CESA-2017:1721 centos6
Check the version of httpd. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882751");...