Cross site scripting

A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere MQ Advanced Message Security for IBM i, IBM WebSphere MQ Client for HP-NSS

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by IBM WebSphere MQ Advanced Message Security for the IBM i platform, IBM WebSphere MQ HP-NSS and IBM WebSphere MQ Paho MQTT clients. IBM WebSphere MQ Advanced Message Security for the IBM i...

Solaris 10 (sparc) : 120201-06

X11 6.8.0: Xorg client libraries patch. Date this patch was last updated by Sun : Sep/12/13 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 10 (sparc) : 120201-07

X11 6.8.0: Xorg client libraries patch. Date this patch was last updated by Sun : Jul/13/15 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

MGASA-2018-0011 Updated X11 client libraries packages fix security vulnerability

The XvQueryAdaptors and XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data CVE-2016-5407. The XGetImage function in X.org libX11 before 1.6.4 might allow remo...

Updated X11 client libraries packages fix security vulnerability

The XvQueryAdaptors and XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data CVE-2016-5407. The XGetImage function in X.org libX11 before 1.6.4 might allow remo...

CVE-2015-3254

The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service infinite recursion via vectors involving the skip function...

CVE-2015-3254

Removed by vendor...

CVE-2015-3254

Apache Thrift client libraries before 0.9.3 are affected by CVE-2015-3254, which could allow a remote authenticated user to trigger a denial of service via infinite recursion in the skip function. Impact is a partial denial of service (availability affected) with network access and no confidentia...

SUSE-SU-2016:2828-1 Security update for X Window System client libraries

This update for the X Window System client libraries fixes a class of privilege escalation issues. A malicious X Server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission...

SUSE SLED12 / SLES12 Security Update : X Window System client libraries (SUSE-SU-2016:2828-1)

This update for the X Window System client libraries fixes a class of privilege escalation issues. A malicious X Server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission...

Debian DLA-667-1 : libxv security update

Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers. Insufficient validation of data from the X server can cause out of boundary memory and memory corruption in the libxv library. For...

[SECURITY] [DLA 667-1] libxv security update

Package : libxv Version : 2:1.0.7-1+deb7u2 CVE ID : CVE-2016-5407 Debian Bug : 840438 Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers. Insufficient validation of data from the X serve...

Debian DLA-664-1 : libxrender security update

Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers. Insufficient validation of data from the X server could cause out of boundary memory writes in the libXrender library potentially...

DLA-667-1 libxv - security update

Bulletin has no description...

DLA-664-1 libxrender - security update

Bulletin has no description...

FreeBSD : X.org libraries -- multiple vulnerabilities (1cf65085-a760-41d2-9251-943e1af62eb8)

Matthieu Herrb reports : Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. These issue come in...

X.org libraries -- multiple vulnerabilities

Matthieu Herrb reports: Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. These issue come in...

Updated python3/python packages fix security vulnerability

Fix for CVE-2016-1000110 HTTPoxy attack. Many software projects and vendors have implemented support for the “Proxy” request header in their respective CGI implementations and languages by creating the “HTTPPROXY” environmental variable based on the header value. When this variable is used in man...

Adobe Experience Manager (AEM) Detection (HTTP)

HTTP based detection of Adobe Experience Manager AEM. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...