Vm86 - Syscall Task Switch Kernel Panic / Privilege Escalation Vulnerability

Exploit for linux platform in category local exploits Source: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/ Introduction Problem description: The initial observation was, that the linux vm86 syscall, which allows to use the virtual-8086 mode from userspace for emulating o...

The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure

The vulnerability of the WriteImages function in the console-based image editing tool ImageMagick is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker, operating remotely, to trigger a service failure dereferencing the null pointer using a specially...

Fedora 24 : deluge (2017-ce66f11df1)

Core 2889: Fixed 'Too many files open' errors. 2861: Added support for python-geoip for use with libtorrent 1.1. 2149: Fixed a single proxy entry being overwritten resulting in no proxy set. UI Added trackerstatus translation to UIs. GtkUI 2901: Strip whitespace from infohash before checks. Add...

The vulnerability of the Mac OS X operating system and the iOS operating system allows attackers to obtain confidential information.

The vulnerability of the CFNetwork Proxies component in the Mac OS X and iOS operating systems is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to obtain confidential information remotely...

Information : XenApp/XenDesktop Performance Counters

1. CitrixBrokerService 1. Application Cache Writes 2. Brokered Sessions 3. Database Avg. Transaction Time 4. Database Connected 5. Database Transaction Errors/sec 6. Database Transaction/sec 7. Deregistration Requests 8. Expired Launches/sec 9. Expired Registrations 10. Expired Registration/sec...

MS17-023: Security Update for Adobe Flash Player (4014329)

The remote Windows host is missing security update 4014329. It is, therefore, affected by multiple vulnerabilities : - A buffer overflow condition exists that allows an attacker to execute arbitrary code. CVE-2017-2997 - Multiple memory corruption issues exist that allow an attacker to execute...

Debian DLA-852-1 : firefox-esr security update

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service. For Debian 7 'Wheezy', these problems...

Threat Outbreak Alert RuleID28190: Email Messages Distributing Malicious Software on March 10, 2017

Medium Alert ID: 52989 First Published: 2017 March 10 15:56 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID28190 may contain the following files: Name | Si...

Debian DSA-3805-1 : firefox-esr - security update

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service. %NASLMINLEVEL 70300 C Tenable Network...

Mozilla Firefox < 52.0 Multiple Vulnerabilities (macOS)

The version of Mozilla Firefox installed on the remote macOS or Mac OS X host is prior to 52.0. It is, therefore, affected by multiple vulnerabilities : - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, Andre Bargull, Kan-Ru Che...

The vulnerability of the Mac OS X operating system, which allows a hacker to trigger a service failure

The vulnerability of the Bluetooth component in the Mac OS X operating system is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to trigger a service failure pointer assignment to zero through a specially created application...

Debian Security Advisory DSA 3805-1 (firefox-esr - security update)

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service. OpenVAS Vulnerability Test $Id:...

Debian: Security Advisory (DSA-3805-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3215-2 munin regression

USN-3215-1 fixed a vulnerability in Munin. The upstream patch caused a regression leading to errors being appended to the log file. This update fixes the problem. Original advisory details: It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to...

python-oslo-middleware: CatchErrors leaks sensitive values into error logs

An information-disclosure flaw was found in oslo.middleware. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component error logs for example, keystone tokens...

The vulnerability of Google Chrome browser allows a perpetrator to gain access to local files.

The vulnerability of the Histogram component in Google Chrome browser is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to gain access to local files through a specially crafted HTML page...

ipa security and bug fix update

4.4.0-14.0.1.el73.6 - Blank out header-logo.png product-name.png Replace login-screen-logo.png 20362818 4.4.0-14.6 - Resolves: 1416488 replication race condition prevents IPA to install - waitforentry: use only DN as parameter - Wait until HTTPS principal entry is replicated to replica - Use prop...

The vulnerabilities in iOS and Mac OS X operating systems allow attackers to carry out “man-in-the-middle” attacks.

The vulnerability of the IDS-Connectivity component for iOS and Mac OS X is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to carry out a “man-in-the-middle” attack by using notifications regarding network connection changes...

The vulnerability of the iOS operating system, which allows a hacker to bypass the sandbox protection mechanism

The vulnerability of the WebSheet component in the iOS operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass the sandbox protection mechanisms using undefined vectors...

The vulnerability of the iOS operating system, which allows a hacker to bypass existing authentication policies

The vulnerability of the Accounts component in the iOS operating system is related to authentication errors. Exploiting this vulnerability allows a malicious actor to circumvent existing authentication policies by exploiting errors in the application uninstallation process...