The vulnerability of the Android operating system, which allows a hacker to compromise the security of information

The vulnerability of the Qualcomm operating system Android is related to errors in the code. Exploiting this vulnerability can allow a remote attacker to compromise the security of information...

[SECURITY] [DLA 906-1] firefox-esr security update

Package : firefox-esr Version : 45.9.0esr-1deb7u1 CVE ID : CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448...

[SECURITY] [DSA 3831-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3831-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 20, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 896-1] icedove/thunderbird security update

Package : icedove Version : 1:45.8.0-3deb7u1 CVE ID : CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5383 CVE-2017-5390 CVE-2017-5396 CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410...

Debian: Security Advisory (DSA-3831-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Mysql Security Updates (apr2017-3236618) 02 - Linux

Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-896-1 : icedove/thunderbird security update

Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. With version 45.8 Debian drops it's custom branding from the Icedove package an...

Design/Logic Flaw

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

CVE-2017-5651

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

CVE-2017-5651

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

Adobe Acrobat < 11.0.20 / 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11) (macOS)

The version of Adobe Acrobat installed on the remote macOS or Mac OS X host is a version prior to 11.0.20, 2015.006.30306, 2017.009.20044. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exists that allow an attacker to execute arbitrary code...

Adobe Reader < 11.0.20 / 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11) (macOS)

The version of Adobe Reader installed on the remote macOS or Mac OS X host is a version prior to 11.0.20, 2015.006.30306, 2017.009.20044. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exists that allow an attacker to execute arbitrary code. CVE-2017-301...

Adobe Reader < 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11)

The version of Adobe Reader installed on the remote Windows host is a version prior to 2015.006.30306 or 2017.009.20044. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an...

The vulnerability of the OpenBSD operating system, which allows a hacker to trigger a service failure

The vulnerability of the OpenBSD operating system is related to errors in the code. Exploiting this vulnerability allows a local attacker to cause a system failure a kernel crash through a large number of system calls to getdents...

April 11, 2017—KB4015547 (Security-only update)

April 11, 2017—KB4015547 Security-only update Improvements and fixes This security update resolves security vulnerabilities in Hyper-V, libjpeg image-process library, Win32K, Adobe Type Manager font driver, Active Directory Federation Services, Lightweight Directory Access Protocol, Windows...

Information Disclosure

tomcat-coyote is vulnerable to information disclosure. If the send file process completed quickly, it is possible for a processor to be added to the processor cache twice, resulting in the same process being reused for multiple requests. A malicious user could gain access to this processor to...

Adobe Flash Player <= 25.0.0.127 Multiple Vulnerabilities (APSB17-10)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 25.0.0.127. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exist that allow an unauthenticated, remote attacker to execute arbitrary code. CVE-2017-3058,...

The vulnerability of the QEMU hardware emulation software allows a hacker to trigger a service failure or increase their privileges in the guest operating system.

The vulnerability of the QEMU hardware emulation software arises from synchronization errors when using a shared resource. Exploiting this vulnerability can allow a remote attacker to cause service failures or increase their privileges in the guest operating system...

[SECURITY] Fedora 26 Update: rpy-2.8.5-3.fc26

RPy provides a robust Python interface to the R programming language. It can manage all kinds of R objects and can execute arbitrary R functions. All the errors from the R language are converted to Python exceptions...

Programmers are also people who also make mistakes

It's the first part of our talk with Daniil Svetlov at his radio show "Safe Environment" or "Safe Wednesday" - kind of wordplay in Russian recorded 29.03.2017. We were discussing why Software Vulnerabilities are everyone's problem. Full video in Russian without subtitles is available here. I adde...