Oracle MySQL Multiple Unspecified Vulnerabilities-02 (Jul 2015)

Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla: Key pinning is ignored when overridable errors are encountered (MFSA 2015-67)

It was found that Firefox skipped key-pinning checks when handling an error that could be overridden by the user for example an expired certificate error. This flaw allowed a user to override a pinned certificate, which is an action the user should not be able to perform...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

Adobe Acrobat < 10.1.15 / 11.0.12 / 2015.006.30060 / 2015.008.20082 Multiple Vulnerabilities (APSB15-15)

The version of Adobe Acrobat installed on the remote Windows host is a version prior to 10.1.15, 11.0.12, 2015.006.30060, or 2015.008.20082. It is, therefore, affected by multiple vulnerabilities. - Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader D...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

Google Chrome < 43.0.2357.132 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is prior to 43.0.2357.132. It is, therefore, affected by multiple vulnerabilities in the bundled version of Adobe Flash : - An information disclosure vulnerability exists that allows an attacker to guess the address for the Flash...

Adobe Flash Player <= 18.0.0.194 Multiple Vulnerabilities (APSB15-16) (Mac OS X)

The version of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to version 18.0.0.194. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists that allows an attacker to guess the address for the Flash heap. CVE-2015-3097...

Mozilla Firefox Multiple Vulnerabilities-01 (Jul 2015) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Thunderbird Multiple Vulnerabilities-01 (Jul 2015) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Debian Security Advisory DSA 3300-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3300.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3300-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks Gm...

Mozilla: Key pinning is ignored when overridable errors are encountered (MFSA 2015-67)

It was found that Firefox skipped key-pinning checks when handling an error that could be overridden by the user for example an expired certificate error. This flaw allowed a user to override a pinned certificate, which is an action the user should not be able to perform...

Key pinning is ignored when overridable errors are encountered — Mozilla

Mozilla security engineer David Keeler reported that when an overridable error is encountered, such as those for expired certificates or a host name does not match a certificate, pinning checks can be be skipped. This would allow for a user to override a pinned certificate when they should not be...

postgresql: pgcrypto has multiple error messages for decryption with an incorrect key.

It was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key. This could potentially help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known...

postgresql: pgcrypto has multiple error messages for decryption with an incorrect key.

It was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key. This could potentially help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known...

MGASA-2015-0246 Updated openssl package fixes security vulnerabilities

A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam CVE-2015-4000. When processing an ECParameters structure OpenSSL...

Google Chrome < 43.0.2357.124 Multiple Vulnerabilities

Binary data 8783.pasl...

Google Chrome < 43.0.2357.65 Multiple Vulnerabilities

Binary data 8782.pasl...

Fedora 20 : armacycles-ad-0.2.8.3.3-1.fc20 (2015-9527)

Changes since 0.2.8.3.2 : - security fix: do not read ahead of the beginning of network buffer. - security fix: don't attribute network errors from processing random packets to the connection to the server - security fix: while at it, don't process random packets unless they may be important - fi...

Adobe AIR <= 17.0.0.144 Multiple Vulnerabilities (APSB15-06)

According to its version, the installation of Adobe AIR on the remote Windows host is equal or prior to 17.0.0.144. It is, therefore, affected by multiple vulnerabilities : - Multiple double-free errors exist that allow an attacker to execute arbitrary code. CVE-2015-0346, CVE-2015-0359 - Multipl...

Adobe AIR for Mac <= 17.0.0.172 Multiple Vulnerabilities (APSB15-11)

According to its version, the installation of Adobe AIR on the remote Mac OS X host is equal or prior to 17.0.0.172. It is, therefore, affected by multiple vulnerabilities : - An unspecified vulnerability exists that allows an attacker to bypass the fix for CVE-2014-5333. CVE-2015-3096 - Multiple...