Microsoft Internet Explorer Multiple Vulnerabilities (KB4052978)

This host is missing a critical security update according to Microsoft security updates KB4052978. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Input validation

Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1 Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of audit log files...

USN-3512-1 openssl vulnerabilities

David Benjamin discovered that OpenSSL did not correctly prevent buggy applications that ignore handshake errors from subsequently calling certain functions. CVE-2017-3737 It was discovered that OpenSSL incorrectly performed the x8664 Montgomery multiplication procedure. While unlikely, a remote...

Debian DLA-1199-1 : thunderbird security update

Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, use after free and other implementation errors may lead to crashes or the execution of arbitrary code. For Debian 7 'Wheezy', these problems have been fixed in version 1:52.5.0-1deb7u1...

CVE-2017-3737

OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the...

Citrix XenServer Multiple Security Updates (CTX230138)

A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of an HVM guest VM to compromise the host. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...

XenMobile: 500 Server Internal Error when uploading Android APK File to XMS

When trying to upload an APK app to the XMS console using Internet Explorer 11, we are getting a 500 Server Internal Error Looking into the error logs. The previous version x.x.x.0 works fine however upgrading the version gives - 500 Server Internal Error...

CVE-2017-17045

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

CVE-2017-17044

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service infinite loop and host OS hang by leveraging the mishandling of Populate on Demand PoD errors...

Socket and SSL error messages in Receiver for Windows 4.10

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Protocol driver error message in earlier versions While using receiver a common error that you might...

CVE-2017-17045

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

UBUNTU-CVE-2017-17045

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

Design/Logic Flaw

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

CVE-2017-17044

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service infinite loop and host OS hang by leveraging the mishandling of Populate on Demand PoD errors...

CVE-2017-17045

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

CVE-2017-17044

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service infinite loop and host OS hang by leveraging the mishandling of Populate on Demand PoD errors...

CVE-2017-17045

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

CVE-2017-17045

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service BUG and host OS crash by leveraging the mishandling of Populate on Demand PoD Physical-to-Machine P2M errors...

CVE-2017-1240

IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359...

MySQL Server Components Multiple Unspecified Vulnerabilities

MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql"; ifdescripti...