Important: java-1.8.0-openjdk

Issue Overview: Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions...

UBUNTU-CVE-2014-7946

The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified...

CVE-2014-6582

Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation...

Information disclosure

Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation...

CVE-2014-6582

Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation...

CVE-2014-6582

Technical details about CVE-2014-6582 are not publicly provided in the supplied documents. Monitor Oracle CPU advisories and related feeds for updates on affected products and remediation.

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS...

Debian Security Advisory DSA 3132-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3132.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3132-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks GmbH...

DSA-3132-1 icedove - security update

Bulletin has no description...

Oracle Solaris Third-Party Patch Update : quagga (cve_2012_1820_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service infinite loop and hang via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF...

Oracle Solaris Third-Party Patch Update : openssl (cve_2014_3505_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - Double free vulnerability in d1both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service application...

Microsoft Windows 8.1 (x86x64) - User Profile Service Privilege Escalation (MS15-003)

Microsoft Windows 8.1 x86x64 - User Profile Service Privilege Escalation MS15-003 Source: https://code.google.com/p/google-security-research/issues/detail?id=123 Platform: Windows 8.1 Update 32/64 bit No other OS tested When a user logs into a computer the User Profile Service is used to create...

[ MDVSA-2015:027 ] kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:027 http://www.mandriva.com/en/support/security/ Package : kernel Date : January 16, 2015 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been found and corrected in the Linux...

OpenSSL 0.9.8 < 0.9.8zd Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 0.9.8zd. It is, therefore, affected by multiple vulnerabilities as referenced in the 0.9.8zd advisory. - The BNsqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the...

Debian DSA-3127-1 : iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code, information leaks or denial of service. %NASLMINLEVEL 70300 C Tenable Network Security,...

Dell-iDRAC-IPMI-1.5

Dell iDRAC IPMI v1.5 Implementation contains a flaw that is triggered as session IDs are assigned incrementally rather than randomly, and limit the overall pool. This may allow a remote attacker trivially predict session IDs, hijack a session, and inject arbitrary commands. from time import sleep...

CVE-2014-8641

Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data...

Microsoft Windows Network Policy Server Denial-of-Service Vulnerability (3014029)

This host is missing an important security update according to Microsoft Bulletin MS15-007. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Ubuntu 14.10 : linux vulnerabilities (USN-2468-1)

A NULL pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service system crash via a malformed INIT chunk. CVE-2014-7841 A race condition with MMIO and PIO transactions in the KV...

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2467-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2467-1 advisory. A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this fl...