4 matches found
CVE-2022-32474
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigat...
SUSE-SU-2017:0801-1 Security update for apache2
This update for apache2 provides the following fixes: Security issues fixed: - CVE-2016-0736: Protect modsessioncrypto data with a MAC to prevent padding oracle attacks bsc1016712. - CVE-2016-2161: Malicious input to modauthdigest could have caused the server to crash, resulting in DoS bsc1016714...
ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-203 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwa...
Fedora 14 : wordpress-3.1-1.fc14 (2011-3746)
In order to protect against two CVEs, I'm upgrading Wordpress in all releases to 3.1. In addition, this will obsolete wordpress-mu, since this functionality has been migrated to the main wordpress release as of wordpress 3.0, and wordpress-mu has been deprecated upstream. I would not normally mak...