The vulnerability of the Qualcomm QTEE API in the Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Qualcomm QTEE API in the Android operating system is related to errors in handling array indexes. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

Input validation

Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCC...

CVE-2017-17315

Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCC...

CVE-2017-17315

Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCC...

CVE-2017-17315

The CVE-2017-17315 issue affects Huawei DP300 (V500R002C00), RP200 (V600R006C00), TE30/V500R002C00, TE40/V500R002C00, TE50/V500R002C00, TE60/V100R001C10, and related V600R006C00 variants. Root cause: improper validation of specially crafted SCCP messages, leading to numeric errors when handling m...

CVE-2017-17315

Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCC...

Target Credential Issues by Authentication Protocol - No Issues Found

Valid credentials were provided for an authentication protocol on the remote target and Nessus did not log any subsequent errors or failures for the authentication protocol. When possible, Nessus tracks errors or failures related to otherwise valid credentials in order to highlight issues that ma...

Joomla! Core Information Disclosure Vulnerability (CNVD-2018-15240)

Joomla! is an open source content management system CMS. The system provides RSS feeds , site search and other features . Joomla! Core is a Joomla! core. A trust management vulnerability exists in Joomla! Core versions prior to 3.8.8, which stems from the web installation application...

Security Advisory - Numeric Errors Vulnerability in Some Huawei Products

Some Huawei products have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause...

Resource Management Errors

Overview Affected versions of this package are vulnerable to Resource Management Errors. An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of...

The vulnerability of the Content Protection HECI Service driver for Intel Graphics Systems allows attackers to enhance their privileges.

The vulnerability of the Content Protection HECI Service, a driver for Intel Graphics systems, is related to type conversion errors. Exploiting this vulnerability can allow attackers to enhance their privileges...

ovirt-engine: account enumeration through login to web console

The ovirt-engine web console login form returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts...

Adobe Acrobat 2017 Security Updates (APSB18-09) - Windows

Adobe Acrobat 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...

Adobe Reader DC (Classic Track) Security Updates (APSB18-09) - Windows

Adobe Reader DC Classic Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Debian: Security Advisory (DLA-1376-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1376-1] firefox-esr security update

Package : firefox-esr Version : 52.8.0esr-1deb7u1 CVE ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178 CVE-2018-5183 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and...

How to troubleshoot XenServer USB Passthrough related issues

This article describes common error scenarios as well as general troubleshooting tips for XenServer USB Passthrough feature...

poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

February 22, 2018—KB4077525 (OS Build 14393.2097)

February 22, 2018—KB4077525 OS Build 14393.2097 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue that causes Hyper-V VMs that are replicated using Hyper-V Replica or Azure...

CVE-2013-7201

WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information...