Explained: False positives

What are false positives? False positive, which is sometimes written as f/p, is an expression commonly used in cybersecurity to denote that a file or setting has been flagged as malicious when it’s not. In statistics, false positives are called Type I errors, because they check for a particular...

openSUSE Security Update : cacti / cacti-spine (openSUSE-2017-999)

This update for cacti and cacti-spine fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2017-12927: Cross-site scripting vulnerability in methodparameter bsc1054390 - CVE-2017-12978:Cross-site scripting vulnerability via the title field bsc1054742 It also contains a...

Error: "Your account cannot be added using this server address" When Adding Sites in Native Receiver

User without administrative privilege User1 installed receiver and later customer uninstalled receiver by switching to admin user User2 in the CMD prompt and then runningReceiver Clean-Up Utility tool in the CMD prompt with administrative privilege. Then following issue happened: 1. Receiver fail...

CVE-2017-14138

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...

CVE-2017-14138

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...

DEBIAN-CVE-2017-14138

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...

CVE-2017-14138

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...

Management GUI Unavailable After Software Upgrade

When attempting to login to the management interface the page is not displayed correctly and login is not possible. Symptoms can vary somewhat, but often rdx-related script errors are seen...

The vulnerability of the Android CAF-release operating system driver, which exists due to errors in memory buffer handling, allows a hacker to trigger a kernel memory leak.

The vulnerability of the Android CAF-release operating system driver is caused by an operation that occurs outside the buffer memory boundaries. Exploiting this vulnerability could potentially allow a remote attacker to cause a kernel memory leak...

The vulnerability of the Android CAF-release operating system, related to security configuration errors, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android CAF-release operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information by having the UE component respond to the...

The vulnerability of the WLAN driver for Android CAF-releases allows a hacker to create a situation where the operator of the proof-of-parity fails to detect errors.

The vulnerability of the Android CAF-release operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, or accessibility of protected information when the ioctl WLAN driver function is...

The vulnerability of the Android operating system from the CAF repository exists due to errors in pointer assignment, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android operating system from the CAF repository is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information under conditions of memory shortage...

The vulnerability of the Android operating system from the CAF repository exists due to pointer assignment errors, allowing attackers to cause memory corruption.

The vulnerability of the Android operating system from the CAF repository is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause memory corruption in the Guest OS...

Denial Of Service (DoS) Through Memory Consumption

apache-shiro is vulnerable to denial of service DoS attacks. The library does not catch unexpected errors in scheduled tasks, causing threads to run indefinitely without being terminated. This can lead to the application running out of memory and crashing...

MGASA-2017-0312 Updated libmodplug packages fix security vulnerabilities

libmodplug 0.8.9.0 fixes various out-of-bounds read and write errors as well as divide-by-zero issues...

Vulnerability of the JavaScript kernel in Microsoft Edge and Internet Explorer browsers, allowing attackers to execute arbitrary code

The vulnerability in the Microsoft Edge JavaScript kernel is caused by an operation going beyond the buffer boundaries in memory memory corruption due to a script error. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, as a resul...

The vulnerability of the configuration of the autonomous configuration device for visualization and control systems called “U.motion Builder” arises from system configuration errors, allowing a perpetrator to execute arbitrary code.

The vulnerability of the configuration of the autonomous configuration tool for the “smart home” visualization and control system, U.motion Builder, exists due to a processing error in the system’s configuration parameters. Exploiting this vulnerability allows an attacker who operates locally to...

Updating to Secure Hub 10.5.5 causes Passcode prompt to appear repeatedly

You may find that after upgrading to Secure Hub 10.5.5 on Android, the device repeatedly requests the Passcode to be entered even though the Passcodeentered is known to be valid. Upon investigation of the Secure Hub log files, you may notice an error message which states "SecretVaultProvider:Fail...

Debian DLA-1053-1 : firefox-esr security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, bypass of the same-origin policy or incorrect enforcement of...

[SECURITY] [DLA 1053-1] firefox-esr security update

Package : firefox-esr Version : 52.3.0esr-1deb7u1 CVE ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7807 CVE-2017-7809 Several security issues have...