(Pwn2Own) Oracle Java Font Handling Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Oracle Java setICMpixels Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

(Pwn2Own) Google Chrome Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...

Oracle Java MethodHandle Sandbox Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...

VulnCheck KEV: CVE-2013-1347

This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer...

D-Link DIR-635 - Multiple Vulnerabilities

D-Link DIR-635 - Multiple Vulnerabilities Device Name: DIR-635 Vendor: D-Link ============ Vulnerable Firmware Releases: ============ Firmwareversion: 2.34EU Hardware-Version: B1 Produktseite: DIR-635 ============ Vulnerability Overview: ============ Stored XSS - Status - WLAN - SSID Injecting...

Slackware 13.37 / 14.0 / current : xorg-server (SSA:2013-109-01)

New xorg-server packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-109-01. The text itself is...

xorg-server

New xorg-server packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/xorg-server-1.12.4-i486-1slack14.0.txz: Upgraded. This update fixes an input flush bug with evdev. Under exceptional...

Slackware 13.37 / 14.0 / current : mozilla-thunderbird (SSA:2013-093-02)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-093-02. The text itself i...

mozilla-firefox

New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-firefox-20.0-i486-1slack14.0.txz: Upgraded. This release contains security fixes and improvements. For more...

Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2013-086-01)

New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-086-01. The tex...

Microsoft Internet Explorer GetMarkupPtr Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CMarkupBehaviorContext Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the handling of...

Microsoft Internet Explorer removeChild Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

packstack: answerfile creation permissions issue

PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file...

Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-075-01)

New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-075-01. The text itself is copyrig...

ruby

New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/ruby-1.9.3p392-i486-1slack14.0.txz: Upgraded. This release includes security fixes about bundled JSON and REXML. For more...

seamonkey

New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/seamonkey-2.16.1-i486-1slack14.0.txz: Upgraded. This update contains security fixes and improvements. For more information...

Slackware 13.37 / 14.0 / current : mozilla-thunderbird (SSA:2013-068-02)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-068-02. The text itself ...

mozilla-firefox

New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-firefox-19.0.2-i486-1slack14.0.txz: Upgraded. This release contains security fixes and improvements. For mor...