666 matches found
CVE-2018-20591
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx...
Heap overflow
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx...
CVE-2018-20591
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx...
CVE-2018-20591
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx...
Debian DLA-1572-1 : nginx security update
It was discovered that there was a denial of service DoS vulnerability in the nginx web/proxy server. As there was no validation for the size of a 64-bit atom in an MP4 file, this could have led to a CPU hog when the size was 0, or various other problems due to integer underflow when the...
[SECURITY] [DLA 1572-1] nginx security update
Package : nginx Version : 1.6.2-5+deb8u6 CVE ID : CVE-2018-16845 Debian Bug : 913090 It was discovered that there was a denial of service DoS vulnerability in the nginx web/proxy server. As there was no validation for the size of a 64-bit atom in an MP4 file, this could have led to a CPU hog when...
Debian: Security Advisory (DLA-1572-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.5.1 : kernel (EulerOS-SA-2018-1323)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide...
EulerOS Virtualization 2.5.0 : kvm (EulerOS-SA-2018-1350)
According to the version of the kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide...
Google Android WLAN has an unspecified vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and WLAN is a wireless connection module used in it. A security vulnerability exists in WLAN in Android, which stems from the program not properly validating array indexes. An...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Debian DLA-1481-1 : linux-4.9 security update (Foreshadow)
Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary...
The vulnerabilities of Microsoft Edge and Internet Explorer, related to errors in implementing inter-frame interactions, allow attackers to disclose protected information.
The vulnerabilities of Microsoft Edge and Internet Explorer are related to errors in the implementation of inter-frame interaction. Exploiting these vulnerabilities can allow a malicious actor to disclose sensitive information by using a specially crafted web page...
RHEL 6 / 7 : rhev-hypervisor7 (RHSA-2018:2404)
The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2404 advisory. The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualizati...
[SECURITY] [DSA 4279-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4279-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 20, 2018 https://www.debian.org/security/faq -...
Debian DSA-4279-1 : linux - security update (Foreshadow)
Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Foreshadow- L1 Terminal Fault: VMM
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. CVE:...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...