[SECURITY] Fedora 23 Update: community-mysql-5.6.30-1.fc23
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
Information disclosure
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext data into the client-server data stream, aka "TLS/SSL Information Disclosure Vulnerability."...
CVE-2016-2346
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream...
Midea's i+ smart refrigerator has design logic flaws
The Midea i+ Smart Refrigerator is a smart home appliance developed by Midea Group. Midea's i+ Smart Refrigerator is susceptible to man-in-the-middle attacks due to the insecure protocol for transmitting data and the lack of validation of what is transmitted on the client and server side. The lac...
Windows operating system vulnerability that allows a hacker to escalate privileges
This vulnerability in the client-server operating system implementation in Windows is related to deficiencies in access control. Exploiting it can allow a malicious actor, operating locally, to elevate their privileges through a specially crafted application...
Microsoft Windows Client-Server Run-time Subsystem Security Bypass Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A security bypass vulnerability exists in the Client Server Runtime Subsystem (CSRSS) of Microsoft Windows, which arises from a program's failure to properly manage process tokens in memory. A local...
Samba Man-in-the-Middle Attack Vulnerability (CNVD-2016-02276)
Samba is a set of free software that enables the UNIX family of operating systems to connect to the SMB/CIFS network protocol of the Microsoft Windows operating system. Samba fails to protect the integrity of IPC traffic, allowing an attacker to exploit this vulnerability as a man-in-the-middle...
CVE-2016-0151
The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass...
MS16-048: Security Update for CSRSS (3148528)
The remote Windows host is missing a security update. It is, therefore, affected by a security feature bypass vulnerability in the Client-Server Run-time Subsystem (CSRSS) due to improper management of process tokens in memory. A local attacker can exploit this vulnerability, via a specially crafte...
PT-2016-1687 · Microsoft · Windows Server 2012 +5
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 8.1, 10 Gold, 10 1511, Server 2012 Gold, Server 2012 R2, and RT 8.1. Description: The issue is related to the mismanagement of process tokens by the Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows, allowi...
[SECURITY] Fedora 22 Update: chrony-2.1.1-2.fc22
A client/server for the Network Time Protocol, this program keeps your computer's clock accurate. It was specially designed to support systems with intermittent internet connections, but it also works well in permanently connected environments. It can also use hardware reference clocks, system...
CVE-2016-1948
Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream...
[SECURITY] Fedora 21 Update: community-mysql-5.6.27-1.fc21
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
Multiple EMC RSA products vulnerable
EMC RSA BSAFE Micro Edition Suite (MES) and others are products of EMC Corporation. EMC RSA BSAFE is a security software product that supports cryptographic algorithms, certificate chain validation, and Transport Layer Security (TLS) encryption suites, among other things, to help users achieve a wide...
[SECURITY] Fedora 21 Update: community-mysql-5.6.26-1.fc21
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
ipa security and bug fix update
3.0.0-47.el6 - Resolves: 1220788 - Some IPA schema files are not RFC 4512 compliant 3.0.0-46.el6 - Use tls version range in NSSHTTPS initialization - Resolves: 1154687 - POODLE: force using safe ciphers non-SSLv3 in IPA client and server - Resolves: 1012224 - host certificate not issued to client...
[SECURITY] Fedora 22 Update: netty-4.0.28-1.fc22
Netty is a NIO client server framework which enables quick and easy development of network applications such as protocol servers and clients. It greatly simplifies and streamlines network programming such as TCP and UDP socket server. 'Quick and easy' doesn't mean that a resulting application wil...
Bacula - Network Backup Tool for Linux, Unix, Mac, and Windows
Bacula is a set of computer programs that permits the system administrator to manage backup, recovery, and verification of computer data across a network of computers of different kinds. Bacula can also run entirely upon a single computer and can backup to various types of media, including tape a...
Maligno v2.0 - Metasploit Payload Server
Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded prior to transmission. Maligno also comes with a client tool, which...