CVE-2015-0008

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remot...

CVE-2015-1209

Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote...

Design/Logic Flaw

Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote...

CVE-2015-1209

Removed by vendor...

USN-2491-1: Linux kernel (EC2) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 Lars Bull reported a race condition in the PIT...

Debian DSA-3153-1 : krb5 - security update

Multiple vulnerabilities have been found in krb5, the MIT implementation of Kerberos : - CVE-2014-5352 Incorrect memory management in the libgssapikrb5 library might result in denial of service or the execution of arbitrary code. - CVE-2014-9421 Incorrect memory management in kadmind's processing...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2491-1)

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 Lars Bull reported a race condition in the PIT...

RHEL 6 : kernel (RHSA-2015:0115)

Updated kernel packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Ubuntu: Security Advisory (USN-2492-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

DSA-3153-1 krb5 - security update

Bulletin has no description...

OracleVM 2.2 : glibc (OVMSA-2015-0024) (GHOST)

The remote OracleVM system is missing necessary patches to address critical security updates : - Switch to use malloc when the input line is too long Orabug 19951108 - Use a /sys/devices/system/cpu/online for SCNPROCESSORSONLN implementation Orabug 17642251 Joe Jin - Fix parsing of numeric hosts ...

Updated icu packages fix security vulnerabilities

Updated icu packages fix security vulnerabilities: The Regular Expressions package in International Components for Unicode ICU 52 before SVN revision 292944 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via vectors related to a...

CVE-2014-4497

CVE-2014-4497 affects Apple OS X before 10.10, where an integer signedness error in IOBluetoothFamily could allow a crafted app to execute code in kernel context or cause a denial of service by writing kernel memory. The vulnerability is tied to Bluetooth handling in OS X and is listed among OS X...

chromium-browser: out-of-bounds read in Fonts

The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified...

chromium: multiple issues

CVE-2014-7923 memory corruption The Regular Expressions package in International Components for Unicode ICU 52, allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via vectors related to a 1 zero-length quantifier or 2 look-behind...

Cisco Ironport Appliances Privilege Escalation Exploit

Cisco Ironport appliances are vulnerable to authenticated "admin" privilege escalation. By enabling the Service Account from the GUI or CLI allows an admin to gain root access on the appliance, therefore bypassing all existing "admin" account limitations. The vulnerability is due to weak algorith...

Ubuntu: Security Advisory (USN-2465-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-7938

The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

CVE-2014-7936

Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/locationbar/zoombubbleview.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted docume...