291 matches found

CNVD
added 2020/07/21 12:0 a.m. | 0 views

Xen Linux kernel privilege control vulnerability

Linux kernel is the kernel used by Linux, an open source operating system released by the Linux Foundation in the U.S. Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same...

CVSS 7.8 | AI score 6.3 | EPSS 0.0016
Exploits: 0 | References: 1

OSV
added 2020/07/20 7:15 p.m. | 2 views

DEBIAN-CVE-2020-15852

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps ...

CVSS 7.8 | AI score 6.5 | EPSS 0.0016
Exploits: 0 | References: 1

OSV
added 2019/03/27 3:29 p.m. | 1 views

CVE-2019-9860

Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control FUBE50014 or FUBE50015 relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are n...

CVSS 7.5 | AI score 7.2 | EPSS 0.00156
Exploits: 0 | References: 1

Hacker One
added 2019/02/19 2:10 p.m. | 35 views

New Relic: Password theft login.newrelic.com via Request Smuggling

Hi, The Rails application at login.newrelic.com is accessed through a proxy written in Golang, and an nginx server. By sending an ambiguous request, an attacker can desynchronize these servers, leaving the socket to the backend poisoned with a harmful response. This response will then be served u...

AI score 0.2
Exploits: 0

RedHat Linux
added 2017/05/08 6:45 a.m. | 2 views

Mozilla: Memory corruption with accessibility and DOM manipulation (MFSA 2017-11, MFSA 2017-12)

During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVSS 9.8 | AI score 7.3 | EPSS 0.00766
Exploits: 0 | References: 5

CNVD
added 2017/03/31 12:0 a.m. | 2 views

Apple iOS SafariViewController Component Information Disclosure Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices, and SafariViewController is one of the web browser components. A security vulnerability exists in the SafariViewController component in Apple iOS versions prior to 10.3. An attacker can exploit this vulnerability to cause the...

CVSS 5.3 | AI score 6.4 | EPSS 0.00247
Exploits: 0 | References: 1

OSV
added 2016/04/29 12:0 a.m. | 0 views

UBUNTU-CVE-2016-1548

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimat...

CVSS 7.2 | AI score 6.7 | EPSS 0.05403
Exploits: 3 | References: 5

Amazon
added 2015/06/02 12:0 a.m. | 41 views

Medium: chrony

Issue Overview: As reported upstream http://chrony.tuxfamily.org/News.html: When NTP or cmdmon access was configured from chrony.conf or via authenticated cmdmon with a subnet size that is indivisible by 4 and an address that has nonzero bits in the 4-bit subnet remainder e.g. 192.168.15.0/22 or...

CVSS 6.5 | AI score 7.9 | EPSS 0.02605
Exploits: 0

OSV
added 2015/02/06 12:0 a.m. | 0 views

UBUNTU-CVE-2015-0244

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...

CVSS 9.8 | AI score 7.2 | EPSS 0.0108
Exploits: 0 | References: 3

RedHat Linux
added 2012/07/18 3:17 p.m. | 3 views

glibc: incorrect use of extend_alloca() in formatted printing can lead to FORTIFY_SOURCE format string protection bypass

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service segmentati...

CVSS 5 | AI score 6 | EPSS 0.00666
Exploits: 1 | References: 4

Exploit DB
added 2009/09/16 12:0 a.m. | 32 views

NetBSD 5.0.1 - 'IRET' General Protection Fault Handling Privilege Escalation

/ source: https://www.securityfocus.com/bid/36430/info NetBSD is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to cause the kernel stack to become desynchronized. This may allow the attacker to gain elevated privileges or may aid in further attacks. ...

AI score 7.4
Exploits: 0