7999 matches found
CVE-2013-6477
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
pidgin: DoS when handling timestamps in the XMPP plugin
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
Poor Patching, Passwords Plague Government Computers
A damning report on the security of government computers paints an unflattering picture of lax or non-existent patching efforts, poor password policies, configuration errors and a general lack of confidence that exposes critical services and systems to attack. The report, “The Federal Government’...
[Lynis 1.4.0] Security and System Auditing Tool to Harden Linux Systems
Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information,...
Adobe Acrobat Multiple Vulnerabilities - 01 (Jan 2014) - Windows
Adobe Acrobat is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service crash via a long string in the last key value in...
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service crash via a long string in the last key value in...
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service crash via a long string in the last key value in...
Google Chrome < 32.0.1700.76 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is a version prior to 32.0.1700.76. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to forms, web workers and speech input elements. CVE-2013-6641, CVE-2013-6645, CVE-2013-6646 - An...
PT-2014-2050 · Adobe · Reader +1
Name of the Vulnerable Software and Affected Versions: Adobe Reader and Acrobat versions 10.x through 10.1.8 Adobe Reader and Acrobat versions 11.x through 11.0.05 Description: The issue is related to resource management errors in Adobe Acrobat and Adobe Reader. It allows a remote attacker to cau...
Google Chrome < 32.0.1700.77 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is a version prior to 32.0.1700.77. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to forms, web workers and speech input elements. CVE-2013-6641, CVE-2013-6645, CVE-2013-6646 -...
CVE-2013-7108
CVE-2013-7108 affects Nagios Core 3.5.1, 4.0.2 and older, and Icinga up to certain releases. It is an off-by-one/heap-over-read flaw in process_cgivars() triggered by a long parameter value, allowing remote authenticated users to read process memory or cause a DoS. Affected products include Nagio...
CVE-2013-6123
Multiple array index errors in drivers/media/video/msm/server/msmcamserver.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node...
Code injection
Multiple array index errors in drivers/media/video/msm/server/msmcamserver.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node...
CVE-2013-6123
Multiple array index errors in drivers/media/video/msm/server/msmcamserver.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node...
CVE-2013-6123
Multiple array index errors in drivers/media/video/msm/server/msmcamserver.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node...
CVE-2013-6123
CVE-2013-6123 affects the MSM camera driver in the Linux kernel 3.x (MSM CAM server). The root cause is multiple array index errors in msm_cam_server.c, related to handling of camera device-node input, involving the functions msm_ctrl_cmd_done , msm_ioctl_server , and msm_server_send_ctrl . This ...
Debian DSA-2839-1 : spice - denial of service
Multiple vulnerabilities have been found in spice, a SPICE protocol client and server library. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2013-4130 David Gibson of Red Hat discovered that SPICE incorrectly handled certain network errors. A remote user...
Microsoft SharePoint Business Productivity Server RCE Vulnerability (2904244)
This host is missing an important security update according to Microsoft Bulletin MS13-100. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (uncredentialed check)
According to its banner, the version of IBM Domino formerly IBM Lotus Domino on the remote host is 9.x earlier than 9.0.1. It is, therefore, affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of IBM JRE that contains numerous security issues...