SUSE-SU-2018:3686-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration ...

Description of the System Center Virtual Machine Manager 2008 R2 hotfix rollup package: September 14, 2010

Description of the System Center Virtual Machine Manager 2008 R2 hotfix rollup package: September 14, 2010 INTRODUCTION This article describes the Microsoft System Center Virtual Machine Manager SCVMM 2008 R2 issues that are resolved in the hotfix rollup package that was released on September 14,...

CVE-2018-13153

A memory leak was discovered in ImageMagick in the XMagickCommand function in animate.c file. An array of strings, named filelist, is allocated on the heap but not released in case the function ExpandFilenames returns an error code...

Receiver for Android - Error Code 546 or 547

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Users see one of the following error codes when trying to add a PNA or XenApp store to Receiver for...

Error Code 41E on Receiver for Android

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. 1 Error appears on Android Receiver when attempting to pass through NetScaler Gateway...

Double free

Incorrect returning of an error code in the index.c:readentry function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file...

CVE-2018-8099

Incorrect returning of an error code in the index.c:readentry function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file...

CVE-2018-8099

Incorrect returning of an error code in the index.c:readentry function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file...

CVE-2018-8099

CVE-2018-8099 affects the libgit2 library. The issue comes from an incorrect error code return in index.c:read_entry(), which can cause a double free and thus a denial of service when processing a crafted repository index file. The vulnerability is present in libgit2 releases before v0.26.2; mult...

Input validation

HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...

CVE-2018-7711

HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...

kernel: local privesc in key management

A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively...

openSUSE: Security Advisory for glibc (openSUSE-SU-2018:0089-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2018:0074-1)

This update for glibc fixes the following issues : - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. CVE-2017-1000408, CVE-2017-1000409, bsc1071319 - An issue in the co...

SUSE-SU-2018:0074-1 Security update for glibc

This update for glibc fixes the following issues: - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. CVE-2017-1000408, CVE-2017-1000409, bsc1071319 - An issue in the cod...

Error 0x7B INACCESSIBLE_BOOT_DEVICE after installing PVS server on a Cisco UCS Server

After installing PVS Server software, or upgrading from a previous version, the first time the server reboots it will not be able to boot successfully anyomre. The server might present a Blue Screen with Error Code 0x7BINACCESSIBLEBOOTDEVICE...

WEM 4.3 - Intermittent crashes of Norskale Broker Service.exe on WEM Broker

Norskale Broker Service.exe on WEM Broker randomly crashes on all WEM Brokers present. Crash dump analysis of this service shows the following: PROCESSNAME: Norskale Broker Service.exe ERRORCODE: NTSTATUS 0xc0000374 - A heap has been corrupted. EXCEPTIONCODE: NTSTATUS 0xc0000374 - A heap has been...

CVE-2017-15244

IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to an "Error Code 0xe06d7363 starting at wow64!Wow64NotifyDebugger+0x000000000000001d."...

Design/Logic Flaw

IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to an "Error Code 0xe06d7363 starting at wow64!Wow64NotifyDebugger+0x000000000000001d."...

CVE-2017-15244

IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to an "Error Code 0xe06d7363 starting at wow64!Wow64NotifyDebugger+0x000000000000001d."...