DEBIAN-CVE-2017-7861

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gprfree function in core/lib/support/alloc.c...

SUSE-SU-2017:0610-1 Security update for libquicktime

This update for libquicktime fixes the following issues: - A crafted MP4 file could have caused libquicktime to crash or lead to undefined behaviour bsc1022805, CVE-2016-2399...

XAPI Service unable to start , error : xapi dies but pid file exists.

XAPI Service unable to start. It shows that the it already has a pid and is dead. Looking at the logs xensource.log, you will find INTERNALERROR as below: xapi top-level caught exception: INTERNALERROR: Xmlm.MakeStringBuffer.Error, -372779099 Caught exception at toplevel:...

June 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2

June 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 This update rollup is superseded by July 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 KB3172614 that was released on July 21, 2016. The June 2016 update rollup for Windows RT 8.1,...

DEBIAN-CVE-2016-6712

A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the...

Xe-toolstack-restart Fails with Error "Cannot Lock /dev/shm/xe_toolstack_restart.lock. Is an Instance of /opt/xensource/bin/xe-toolstack-restart Running Already? "

When trying to restart toolstack, following error is displayed: "cannot lock /dev/shm/xetoolstackrestart.lock. Is an instance of /opt/xensource/bin/xe-toolstack-restart running already? "...

CVE-2016-6198

The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service system crash via a rename system call, related to fs/namei.c and fs/open.c...

The vulnerability of the LibXLST transformation library allows a attacker to cause a service failure or exert other effects.

The vulnerability of the numbers.c file in the LibXLST library is related to errors in name space handling. Exploiting this vulnerability can allow a malicious actor to cause service failures or other effects through a specially crafted document...

USN-2423-1 clamav vulnerabilities

Kurt Seifried discovered that ClamAV incorrectly handled certain JavaScript files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-6497 Damien Millescamp discovered that ClamAV incorrectly handled...

mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM...

Fedora 20 : mariadb-5.5.39-1.fc20 (2014-9956)

This is an update that fixes all issues described at https://mariadb.com/kb/en/mariadb/development/changelogs/mariadb-5539- changelog and also an unspecified MyISAM temporary file issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

EUVD-2014-3494

The cdfreadpropertyinfo function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...

CVE-2011-1677

mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...

CVE-2007-6456

Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffice 2.2.2 before Patch 4 has unknown impact and attack vectors related to MacOS 10.3.9 .odb files. NOTE: it is not clear whether this issue is a vulnerability...

CVE-2007-4271

CVE-2007-4271 affects IBM DB2 Universal Database 8 (before Fixpak 15) and 9.1 (before Fixpak 3). Local attackers can cause directory traversal by an environment variable appended to /tmp/ for log file creation, enabling arbitrary file creation and potential privilege escalation via setuid-root bi...

PT-2007-5564 · Tracker · Tracker

Name of the Vulnerable Software and Affected Versions: Trackeur 1 Description: A remote file inclusion issue in the tracking.php file of Trackeur allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. However, it's noted that the header parameter is defined befor...

Memory corruption

RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service memory consumption via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct...

Low: Red Hat Bug Fix Advisory: gdb bug fix update

An updated gdb package that fixes various bugs is now available. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages, by executing them in a controlled fashion, and then printing their data. This updated package addresses the following issues: - GDB on ia64...

CVE-2005-0005

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers...

Critical: Red Hat Security Advisory: RealPlayer security update

An updated RealPlayer package that fixes two buffer overflow issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. RealPlayer is a media player. A stack based buffer overflow bug was found in RealPlayer's Synchronized...