CVE-2014-8612

CVE-2014-8612 corresponds to multiple FreeBSD kernel SCTP issues. The SCTP_SS_VALUE path allows a local attacker to craft an out-of-bounds stream_id index into stcb->asoc.strmout, enabling 16-bit kernel memory write (memory corruption) and, via the function pointer path, arbitrary write of a 1...

CVE-2014-8612

Removed by vendor...

CVE-2014-8612

Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...

Oracle VirtualBox Multiple DoS Vulnerabilities (Feb 2015) - Linux

Oracle VirtualBox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...

UBUNTU-CVE-2015-1359

Multiple off-by-one errors in fpdfapi/fpdffont/fontint.h in PDFium, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted PDF document, related to an "intra-object-overflow" issue, ...

chromium-browser: caching error in AppCache

The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcacheupdatejob.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5...

CVE-2015-1359

Removed by vendor...

CVE-2014-7937

Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted Vorbis I data...

CVE-2014-7937

Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted Vorbis I data...

CVE-2014-7937

Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted Vorbis I data...

UBUNTU-CVE-2014-7948

The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcacheupdatejob.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5...

[SECURITY] [DSA 3132-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3132-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 19, 2015 http://www.debian.org/security/faq -...

MGASA-2015-0027 Updated binutils packages fix security vulnerabilities

Updated binutils packages fix security vulnerabilities: Multiple security issues have been found in binutils. These vulnerabilities include multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of...

Updated binutils packages fix security vulnerabilities

Updated binutils packages fix security vulnerabilities: Multiple security issues have been found in binutils. These vulnerabilities include multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of...

Oracle Solaris Third-Party Patch Update : freetype (multiple_buffer_errors_vulnerabilities_in)

The remote Solaris system is missing necessary patches to address security updates : - FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an 'allocation error' in t...

Oracle Solaris Third-Party Patch Update : imagemagick (multiple_buffer_errors_vulnerabilities_in2)

The remote Solaris system is missing necessary patches to address security updates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Oracle Third Party software advisories. include'deprecatednasllevel.inc';...

Oracle Solaris Third-Party Patch Update : lua (cve_2014_5461_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a...

DSA-3132-1 icedove - security update

Bulletin has no description...

Debian Security Advisory DSA 3132-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3132.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3132-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks GmbH...

Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in the newmsglsachangenotify function in the OSPFD API ospfapi.c in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers...