UBUNTU-CVE-2015-2712
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger...
Attachmate Reflection FTP Client PWD Command Buffer Overflow (CVE-2014-5211)
A stack-based buffer overflow vulnerability exists in Attachmate Reflection FTP Client. The vulnerability is caused by insufficient boundary checking while processing PWD command responses. An attacker could exploit this vulnerability by enticing a user to access an FTP server that sends speciall...
IBM Tivoli Storage Manager FastBack Mount 6.1.x < 6.1.11.1 Multiple Vulnerabilities
The version of IBM Tivoli Storage Manager FastBack running on the remote host is 6.1.x prior to 6.1.11.1. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the mount service due to improper validation of user-supplied input to the CRYPTOSEncryptBufferToBuffer function. A...
[SECURITY] Fedora 22 Update: testdisk-7.0-2.fc22
Tool to check and undelete partition. Works with FAT12, FAT16, FAT32, NTFS, ext2, ext3, ext4, btrfs, BeFS, CramFS, HFS, JFS, Linux Raid, Linux Swap, LVM, LVM2, NSS, ReiserFS, UFS, XFS. PhotoRec is a signature based file recovery utility. It handles more than 440 file formats including JPG,...
Moodle < 2.4 / 2.4.x < 2.4.10 / 2.5.x < 2.5.6 / 2.6.x < 2.6.3 Multiple Vulnerabilities
Not Yet Commons SSL certificate spoofing
Insufficient certificate checking...
Open-Source Host-Based Intrusion Detection System: OSSEC
OSSEC is a platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring, and Security Incident Management (SIM)/Security Information and Event Management (SIEM) together in a simple, powerful, and open source solution. Key...
Apple TV < 7.2 Multiple Vulnerabilities
According to its banner, the remote Apple TV device is a version prior to 7.2. It is, therefore, affected by the following vulnerabilities: - Multiple memory corruption vulnerabilities exist in WebKit due to improperly validated user-supplied input. A remote attacker, using a specially crafted...
[20150601] - Core - Open Redirect
Inadequate checking of the return value allowed redirection to an external page...
(Pwn2Own) Mozilla Firefox Bounds Check Elimination Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
CVE-2014-9706
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree...
Security update for seamonkey (important)
SeaMonkey was updated to 2.33.1 to fix several vulnerabilities. The following vulnerabilities were fixed: Privilege escalation through SVG navigation (CVE-2015-0818); Code execution through incorrect JavaScript bounds checking elimination (CVE-2015-0817)...
Mandriva Linux Security Advisory : squid (MDVSA-2015:103)
Updated squid packages fix security vulnerabilities: Due to incorrect state management, Squid before 3.3.12 is vulnerable to a denial of service attack when processing certain HTTPS requests if the SSL-Bump feature is enabled (CVE-2014-0128). Matthew Daley discovered that Squid 3 did not properly...
IBM DB2 Universal Database DAS Buffer Overflow Vulnerability
IBM DB2 is a set of relational database management systems from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBM i, z/OS, and Windows server versions. A buffer overflow vulnerability exists in IBM DB2 that stems from the program's failure to perform...
HP Operations Agent Opcode Stack Buffer Overflow - Ver2 (CVE-2012-2019)
A stack-based buffer overflow vulnerability has been reported in HP Operations Agent. The vulnerability is due to a bounds checking error when processing requests containing certain opcodes. A remote attacker can exploit this vulnerability by sending a specially crafted request to the server...
openSUSE Security Update : MozillaFirefox (openSUSE-2015-263)
MozillaFirefox was updated to Firefox 36.0.4 to fix two critical security issues found during Pwn2Own: - MFSA 2015-28/CVE-2015-0818 bmo1144988 Privilege escalation through SVG navigation - MFSA 2015-29/CVE-2015-0817 bmo1145255 Code execution through incorrect JavaScript bounds checking eliminati...
Mozilla: Code execution through incorrect JavaScript bounds checking elimination (MFSA 2015-29)
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...
CVE-2015-0817
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...
SeaMonkey < 2.33.1 Multiple Vulnerabilities
The version of Mozilla SeaMonkey installed on the remote host is prior to 2.33.1. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists due to an out-of-bounds error in typed array bounds checking within 'asmjs/AsmJSValidate.cpp', which relates to...