Ubuntu 16.04 LTS : Linux kernel (Raspberry Pi 2) vulnerabilities (USN-3016-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3016-2 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-3021-1)

Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service system crash. CVE-2016-3951 Kangji...

Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-3016-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3016-3 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3018-2)

USN-3018-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not...

Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-3017-2)

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

Debian Security Advisory DSA 3607-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-7515, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2187, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3140 Ralf Spenneberg o...

DSA-3607-1 linux - security update

Bulletin has no description...

USN-3017-1: Linux kernel vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

USN-3016-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

USN-3016-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ImageMagick vulnerability in Wordpress4. 5. 1 The above use-vulnerability warning-the black bar safety net

0x00 ImageMagick vulnerability analysis About ImageMagick vulnerability detailed analysis, phith0n has been in tick aboveImageNagick vulnerability Points allowedhas been for this vulnerability were described in detail. I this article is primarily directed to the ImageMagick vulnerability in...

CentOS 7 : kernel (CESA-2016:1277)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

RHEL 7 : kernel (RHSA-2016:1277)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update provides an upgrade to the upstream 4.4 longterm kernel series, currently based on 4.4.13 and resolves at least the following security issues: The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption ...

OracleVM 3.2 : curl (OVMSA-2016-0056)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix heap-based buffer overflow in curleasyunescape CVE-2013-2174 - fix cookie tailmatching to prevent cross-domain leakage CVE-2013-1944 - introduce the --delegation option of curl 746849 - fix stack...

Directory traversal

Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors...

CVE-2016-3213

The Web Proxy Auto Discovery WPAD protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 9 through 11 has an improper fallback mechanis...

Microsoft Edge JavaScript map Method Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementatio...

RHEL 6 : kernel (RHSA-2016:1225)

An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...