Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3696-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3696-1 advisory. It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of servic...

Ubuntu: Security Advisory (USN-3696-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3620-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:0769-1)

This update for curl fixes the following issues: Following security issues were fixed : - CVE-2018-1000120: A buffer overflow exists in the FTP URL handling that allowed an attacker to cause a denial of service or possible code execution bsc1084521. - CVE-2018-1000121: A NULL pointer dereference...

CVE-2017-18232

The Serial Attached SCSI SAS implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service deadlock by triggering certain error-handling code...

CVE-2018-1000122

A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3420-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3420-1 advisory. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3422-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3422-1 advisory. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically...

USN-3385-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code...

USN-3384-2: Linux kernel (HWE) vulnerabilities

USN-3384-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code in the...

Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3377-1) (Stack Clash)

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2017-7533 It was discovered that the Linux kernel did n...

USN-3378-1: Linux kernel vulnerabilities

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2017-7533 It was discovered that the Linux kernel did n...

CVE-2017-9789

When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...

CVE-2016-7530

The quantum handling code in ImageMagick allows remote attackers to cause a denial of service divide-by-zero error or out-of-bounds write via a crafted file...

CVE-2016-7530

CVE-2016-7530 relates to ImageMagick. The vulnerability affects the quantum handling code within ImageMagick and allows remote attackers to cause a denial of service by processing a crafted file. The impact described is a divide-by-zero error or an out-of-bounds write, as stated in the descriptio...

Where has my little dog gone? - WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Where has my little dog gone? published at the 'play' market has multiple vulnerabilities...

Miku,FreeMp3♬GROOVE CATCH S.E - Dangerous filesystem permissions, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Miku,FreeMp3♬GROOVE CATCH S.E published at the 'play' market has multiple vulnerabilities...

Apple Mac OSX iOS - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution Vulnerabilities

Apple Mac OSX iOS - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution Vulnerabilities Source: https://code.google.com/p/google-security-research/issues/detail?id=618 The ool variations of the IOKit device.defs functions all incorrectly deal with error conditions. If you run th...

CVE-2015-3213

CVE-2015-3213 affects GNOME Clutter prior to 1.16.2; the gesture handling code can allow a nearby attacker to bypass the lock screen via specific mouse or touch gestures. The issue is locally exploitable with a high impact (C/C/I/A) as reported by NVD (base score 7.2). A fix was developed (GNOME ...

Cisco Unity Connection SIP Trunking Integrated Port Denial of Service Vulnerability

Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. A security vulnerability exists in Cisco Unity Connection's SIP call handling code that fails to release allocated resources in certain connection scenarios. This allows ...