Ubuntu: Security Advisory (USN-2842-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 22 Update: seqan-1.4.2-21.fc22

SeqAn is an open source C++ library of efficient algorithms and data struct ures for the analysis of sequences with the focus on biological data. Our library applies a unique generic design that guarantees high performanc e, generality, extensibility, and integration with other libraries...

[SECURITY] Fedora 23 Update: seqan-1.4.2-21.fc23

SeqAn is an open source C++ library of efficient algorithms and data struct ures for the analysis of sequences with the focus on biological data. Our library applies a unique generic design that guarantees high performanc e, generality, extensibility, and integration with other libraries...

OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911...

Design/Logic Flaw

The swsinitcontext function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted video data...

CVE-2015-1277

Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures...

CVE-2015-1277

Removed by vendor...

MS15-068: Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000)

The remote Windows host is affected by multiple remote code execution vulnerabilities in Hyper-V : - An error exists in how Hyper-V handles packet size memory initialization in guest virtual machines. An authenticated attacker with access to a guest virtual machine can exploit this by running a...

Buffer overflow

Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause a denial of service buffer overflow by leveraging guest OS privileges, aka "Hyper-V Buffer Overfl...

FreeBSD : chicken -- buffer overrun in substring-index[-ci] (e7b7f2b5-177a-11e5-ad33-f8d111029e6a)

chicken developer Moritz Heidkamp reports : The substring-index-ci procedures of the data-structures unit are vulnerable to a buffer overrun attack when passed an integer greater than zero as the optional START argument. As a work-around you can switch to SRFI 13's string-contains procedure which...

KLA10479 Multiple vulnerabilities in OpenSSL

Multiple serious vulnerabilities have been found in OpenSSL. Malicious users can exploit these vulnerabilities to caused denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remotely via a specially designed...

CVE-2015-2045

The HYPERVISORxenversion hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors...

CVE-2015-2045

The HYPERVISORxenversion hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors...

UBUNTU-CVE-2015-2045

The HYPERVISORxenversion hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors...

CVE-2015-2045

CVE-2015-2045 affects Xen hypervisor: the HYPERVISOR_xen_version hypercall in Xen 3.2.x–4.5.x fails to properly initialize data structures, enabling local guest users to obtain sensitive information via unspecified vectors. The affected lineages are Xen 3.2.x–4.5.x with impact limited to informat...

CVE-2015-2045

The HYPERVISORxenversion hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors...

CVE-2015-2045

The HYPERVISORxenversion hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors...

chromium-browser: use-after-free in DOM

Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures...

CVE-2014-7934

Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures...

Design/Logic Flaw

Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures...