The vulnerability of the iOS operating system, which allows a hacker to trigger a device service failure.

The vulnerability of the iOS operating system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to cause a device to fail to respond to service requests by sending a specially crafted Unicode text message, which is not properly processed when sent via SMS or...

The vulnerability of the microprogramming software of the Cisco TelePresence VCS device allows a intruder to trigger a service failure.

The vulnerability of Cisco TelePresence VCS’s microprogramming software stems from resource management errors. Exploiting this vulnerability allows a malicious actor to trigger service failure by sending a specially crafted SDP request with session parameters during an SIP connection...

postgresql: pgcrypto has multiple error messages for decryption with an incorrect key.

It was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key. This could potentially help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known...

postgresql: pgcrypto has multiple error messages for decryption with an incorrect key.

It was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key. This could potentially help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known...

MGASA-2015-0246 Updated openssl package fixes security vulnerabilities

A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam CVE-2015-4000. When processing an ECParameters structure OpenSSL...

Google Chrome < 43.0.2357.124 Multiple Vulnerabilities

Binary data 8783.pasl...

Google Chrome < 43.0.2357.65 Multiple Vulnerabilities

Binary data 8782.pasl...

Fedora 20 : armacycles-ad-0.2.8.3.3-1.fc20 (2015-9527)

Changes since 0.2.8.3.2 : - security fix: do not read ahead of the beginning of network buffer. - security fix: don't attribute network errors from processing random packets to the connection to the server - security fix: while at it, don't process random packets unless they may be important - fi...

Adobe AIR <= 17.0.0.144 Multiple Vulnerabilities (APSB15-06)

According to its version, the installation of Adobe AIR on the remote Windows host is equal or prior to 17.0.0.144. It is, therefore, affected by multiple vulnerabilities : - Multiple double-free errors exist that allow an attacker to execute arbitrary code. CVE-2015-0346, CVE-2015-0359 - Multipl...

Adobe AIR for Mac <= 17.0.0.172 Multiple Vulnerabilities (APSB15-11)

According to its version, the installation of Adobe AIR on the remote Mac OS X host is equal or prior to 17.0.0.172. It is, therefore, affected by multiple vulnerabilities : - An unspecified vulnerability exists that allows an attacker to bypass the fix for CVE-2014-5333. CVE-2015-3096 - Multiple...

Adobe AIR for Mac <= 17.0.0.124 Multiple Vulnerabilities (APSB15-05)

According to its version, the installation of Adobe AIR on the remote Mac OS X host is equal or prior to 17.0.0.124. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption flaws exist due to improper validation of user-supplied input. An attacker can exploit these...

VMware Workstation/Player/Fusion Custom RPC Command Denial of Service Vulnerability

VMware is a vendor of desktop to datacenter virtualization solutions. A security vulnerability exists in VMware Workstation/Player/Fusion that allows a remote attacker on Guest to send specially crafted RPC commands to trigger input validation errors and conduct denial of service attacks...

cups: multiple issues

CVE-2015-1158 arbitrary code execution, privilege escalation An issue with how localized strings are handled in cupsd allows a reference counter to over-decrement when handling certain print job request errors. As a result, an attacker can prematurely free an arbitrary string of global scope,...

The vulnerability of Google Chrome browser allows a perpetrator to bypass the sandboxing mechanism or trigger a service failure.

The common/partialcircularbuffer.cc file in Google Chrome’s browser contains errors when dealing with pointers. As a result, attackers may bypass the sandbox mechanism or cause failures in the processing of large data writes using the PartialCircularBuffer::Write and PartialCircularBuffer::DoWrit...

The vulnerability of Google Chrome browser allows a perpetrator to inject commands into the executed script.

The core/html/parser/HTMLConstructionSite.cpp file of the Google Chrome browser contains errors related to inheritance. Exploiting this vulnerability allows a malicious actor to inject commands into the script executed by remotely controlling the system, using a specially crafted Java script...

DEBIAN-CVE-2015-4105

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service host disk consumption via certain invalid operations...

UBUNTU-CVE-2015-4105

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service host disk consumption via certain invalid operations...

Backup Copy Job Failures when using ExaGrid de-duplicating storage

Challenge Backup Copy Jobs can fail when writing to ExaGrid storage. Cause De-duplicating storage can incorrectly update existing backup files during Veeam "merge" operation. Solution Make sure your ExaGrid Storage firmware version is 4.7.0 P52 or newer. For additional information please contact...

FreeBSD : PostgreSQL -- minor security problems. (fc38cd83-00b3-11e5-8ebd-0026551a22dc)

PostgreSQL project reports : This update fixes three security vulnerabilities reported in PostgreSQL over the past few months. Nether of these issues is seen as particularly urgent. However, users should examine them in case their installations are vulnerable:. - CVE-2015-3165 Double 'free' after...

USN-2621-1 postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities

Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled authentication timeouts. A remote attacker could use this flaw to cause the unauthenticated session to crash, possibly leading to a security issue. CVE-2015-3165 Noah Misch discovered that PostgreSQL incorrectly handled certain...