Out-of-bounds

The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related...

CVE-2016-2415

exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, ak...

[SECURITY] [DSA 3551-1] fuseiso security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3551-1 [email protected] https://www.debian.org/security/ Florian Weimer April 16, 2016 https://www.debian.org/security/faq -...

CentOS Update for libsmbclient CESA-2016:0611 centos6

Check the version of libsmbclient SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882457";...

CentOS Update for ctdb CESA-2016:0612 centos7

Check the version of ctdb SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882463";...

IOS9. 3 may be implemented remotely make their phone becomes brick-vulnerability warning-the black bar safety net

The so-called“1 9 7 0 bricked”problem refers to the iPhone or iPad's time is set to the 1 9 7 0 years 1 month 1 day, and then shutdown again, the device is“bricked”, unable to start until the battery is drained. This year 2 month, Apple gave confirmed, saying that the system time manually setting...

RedHat Update for samba RHSA-2016:0611-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for samba3x RHSA-2016:0613-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 6 : samba (CESA-2016:0611) (Badlock)

An update for samba is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2016-2118

Samba (versions 3.x and 4.x) is affected by CVE-2016-2118 (Badlock), due to mishandling DCERPC connections in MS-SAMR/MS-LSAD, enabling man-in-the-middle attackers to impersonate the authenticated user and potentially access or modify the Security Account Manager data. The issue also enables prot...

Critical: Red Hat Security Advisory: samba3x security update

An update for samba3x is now available for Red Hat Enterprise Linux 5.6 Long Life and Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

PT-2016-5388 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5.2 Description: The issue concerns the IPv4 implementation in the Linux kernel, which fails to properly handle the destruction of device objects. This allows guest OS users to cause a denial of service,...

Microsoft Edge Proxy Object Universal Cross Site Scripting Vulnerability

This vulnerability allows remote attackers to inject arbitrary script code into arbitrary domains on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Ubuntu: Security Advisory (USN-2947-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 23 Update: vtun-3.0.3-15.fc23

VTun provides a method for creating Virtual Tunnels over TCP/IP networks and allows one to shape, compress, and encrypt traffic in those tunnels. Supported types of tunnels are: PPP, IP, Ethernet and most other serial protocols and programs. VTun is easily and highly configurable: it can be used...

CVE-2016-1647

Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/rendererhost/renderwidgethostimpl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2016-1648

Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimesextensionbindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code...

CVE-2016-1648

Google Chrome vulnerability CVE-2016-1648 is a use-after-free in the Extensions implementation (renderer/loadtimes_extension_bindings.cc GetLoadTimes) that could allow remote disruption via crafted JavaScript. Affected product: Chrome before 49.0.2623.108; remediation: update to 49.0.2623.108 or ...

Design/Logic Flaw

The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...

[SECURITY] Fedora 24 Update: bind99-9.9.8-4.P4.fc24

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP...