DLA-184-1 binutils - security update

Bulletin has no description...

Adding Linux repository to Veeam hangs on volume discovery and fails silently

When connecting to a Linux repository with Veeam, the connection hangs on the volume discovery step and silently errors out...

[SECURITY] [DLA 178-1] tor security update

Package : tor Version : 0.2.4.26-1deb6u1 Several issues have been discovered and fixed in Tor, a connection-based low-latency anonymous communication system. o Jowr discovered that very high DNS query load on a relay could trigger an assertion error. o A relay could crash with an assertion error ...

Adobe Flash Player Multiple Vulnerabilities - 01 (Mar 2015) - Windows

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...

DEBIAN-CVE-2015-2206

libraries/selectlang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to...

Exploiting the DRAM rowhammer bug to gain kernel privileges

Rowhammer blog post draft Posted by Mark Seaborn, sandbox builder and breaker, with contributions by Thomas Dullien, reverse engineer This guest post continues Project Zero’s practice of promoting excellence in security research on the Project Zero blog Overview “Rowhammer” is a problem with some...

Phabricator: Server Side Request Forgery in macro creation

mongoose just getting it out of the way ; Hi, I would like to report a Server Side Request Forgery SSRF 1 in the meme creation section of the phabricator software 2. SSRF is a vulnerability allowing requests to be made from the context of the server. This could allow an attacker to gain access to...

Memory Corruption Vulnerability in Ashampoo Photo Commander's Handling of ICO Images

Ashampoo Photo Commander Free is a photo management software from Germany. Ashampoo Photo Commander handles ICO images with logical errors that allow attackers to exploit vulnerabilities to parse malformed programs and cause the application to crash...

Debian DSA-3179-1 : icedove - security update

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code or information disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

[SECURITY] [DSA 3179-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3179-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 03, 2015 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3179-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3179.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3179-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks GmbH...

Debian: Security Advisory (DSA-3179-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2519-1 eglibc, glibc vulnerabilities

Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS...

SuSE 11.3 Security Update : unzip (SAT Patch Number 10344)

This update fixes the following security issues : - input sanitization errors. bnc909214. CVE-2014-8139 - out-of-bounds read/write in testcompreb bnc914442. CVE-2014-9636 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...

Debian DSA-3174-1 : iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code or information disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[SECURITY] [DSA 3174-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3174-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 25, 2015 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3174-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3174.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3174-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks Gm...

DSA-3174-1 iceweasel - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3174-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : php-5.6.6-1.fc21 (2015-2315)

19 Feb 2015, PHP 5.6.6 Core : - Removed support for multi-line headers, as the are deprecated by RFC 7230. Stas - Fixed bug 67068 getClosure returns somethings that's not a closure. Danack at basereality dot com - Fixed bug 68942 Use after free vulnerability in unserialize with DateTimeZone...