The vulnerability of component 1x of the Android operating system, allowing a hacker to bypass security restrictions
The vulnerability of component 1 of the Android operating system is related to errors in number processing. Exploiting this vulnerability can allow a remote attacker to bypass security restrictions...
[SECURITY] [DSA 3881-1] firefox-esr security update
Debian Security Advisory DSA-3881-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 14, 2017 https://www.debian.org/security/faq -...
Mozilla: Use-after-free and use-after-scope logging XHR header errors (MFSA 2017-16)
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...
UBUNTU-CVE-2017-7756
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...
Description of the security update for Outlook 2007: June 13, 2017
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...
PT-2017-11665 · IBM · IBM Jazz Foundation
Name of the Vulnerable Software and Affected Versions: IBM Jazz Foundation (affected versions not specified). Description: The issue could expose potentially sensitive information to authenticated users through stack trace error conditions. Recommendations: At the moment, there is no information abo...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows operating system is related to errors during the loading of a library. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges through a specially created application...
The vulnerability of the Qualcomm operating system Android component, which allows a hacker to exert indefinite influence
The vulnerability of the Qualcomm operating system Android is related to errors in the code. Exploiting this vulnerability can allow a remote attacker to cause unpredictable effects...
The vulnerability of the FlashPlayer libraries in Adobe Flash Internet Explorer 10, Adobe Flash Internet Explorer 11, and Adobe Flash Microsoft Edge on the FlashPlayer software platform allows attackers to cause unpredictable effects.
The vulnerability of the Adobe Flash Internet Explorer 10, Adobe Flash Internet Explorer 11, and Adobe Flash Microsoft Edge software platforms’ Flash Player components is related to coding errors. Exploiting this vulnerability can allow an attacker to cause unpredictable effects from a remote...
The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows attackers to enhance their privileges.
The vulnerability of the TrustZone technology a DRM sub-program of Qualcomm’s Secure Execution Environment for Android from the CAF repository is related to numerical processing errors. Exploiting this vulnerability could allow a remote attacker to gain increased privileges...
The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the TrustZone technology’s authentication mode for Qualcomm Secure Execution Environment for Android, as found in the CAF repository, stems from synchronization errors when using a common resource. Exploiting this vulnerability could allow an attacker operating remotely to...
WannaCry Coding Mistakes Can Help Files Recovery Even After Infection
Last month WannaCry ransomware hit more than 300,000 PCs across the world within just 72 hours by using its self-spreading capabilities to infect vulnerable Windows PCs, particularly those using vulnerable versions of the OS, within the same network. But that doesn't mean WannaCry was a...
WannaCry Development Errors Enable File Recovery
WannaCry may have caused worldwide havoc on May 12 when it rode the coattails of the NSA’s weaponized EternalBlue exploit to infect computers in 150 countries, but that doesn’t mean it was a quality piece of ransomware. A number of programming errors in the code are floating to the surface and...
Product update: Virtuozzo 7.0 Update 4 Hotfix 1 (7.0.4-1091)
The new update for Virtuozzo 7.0.4 provides stability and usability bug fixes. Vulnerability id: PSBM-66625, PSBM-66445 guest.fs counters were reported in kilobytes for containers and in bytes for virtual machines. Vulnerability id: PSBM-66556 Backup location changed to default after update to...
MGASA-2017-0149 Updated kernel packages fixes security vulnerabilities
This kernel update is based on upstream 4.4.68 and fixes at least the following security issues: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c,...
SUSE-SU-2017:1384-1 Security update for java-1_7_0-ibm
This update for java-1_7_0-ibm fixes the following issues: Version update to 7.0-10.5 bsc1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number ...
The vulnerability of the NFSv2 and NFSv3 server implementations in the Linux operating system allows a hacker to trigger arithmetic pointer errors or exert other types of influence.
The vulnerability of NFSv2 and NFSv3 implementations in the Linux operating system’s kernel is related to integer overflows. Exploiting this vulnerability allows a malicious actor to execute arithmetic instructions with errors or to perform other actions using specially crafted requests related t...
openSUSE Security Update : qemu (openSUSE-2017-589)
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation bsc1024972 -...
SUSE-SU-2017:1317-1 Security update for bash
This update for bash fixes an issue that could lead to syntax errors when parsing scripts that use expr1 inside loops. Additionally, the popd built-in now ensures that the normalized stack offset is within bounds before trying to free that stack entry. This fixes a segmentation fault...
The vulnerability of the Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the video_usercopy function in the Linux kernel’s drivers/media/video/v4l2-ioctl.c file, within a v4l2_ext_controls data structure of the Linux operating system, is related to resource management errors. Exploiting this vulnerability could allow an attacker to trigger a...