Amazon Linux AMI : kernel / nvidia (ALAS-2013-148)
A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client. (CVE-2012-2375, Moderate) A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the...
Amazon Linux AMI : kernel (ALAS-2012-122)
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager. (C) Tenable Network Security...
CVE-2013-5469
The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service (flood of ACK packets) via a crafted series of ACK and FIN packets, aka Bug ID CSCtz14399...
CVE-2013-5469
Cisco IOS Software TCP stack vulnerability (CVE-2013-5469) allows unauthenticated, remote attackers to cause an ACK storm by sending crafted ACK/FIN sequences due to incorrect handling of ESTABLISHED-to-CLOSED state transitions. This results in excessive network traffic and high CPU utilization. ...
CVE-2013-5209
The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by readi...
Fedora Update for strongswan FEDORA-2013-14481
Check for the Version of strongswan. OpenVAS Vulnerability Test: Fedora Update for strongswan FEDORA-2013-14481. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under...
CVE-2013-2802
The universal protocol implementation in Sixnet UDR before 2.0 and RTU firmware before 4.8 allows remote attackers to execute arbitrary code; read, modify, or create files; or obtain file metadata via function opcodes...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
Fedora Update for openstack-keystone FEDORA-2013-10467
Check for the Version of openstack-keystone. OpenVAS Vulnerability Test: Fedora Update for openstack-keystone FEDORA-2013-10467. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or...
ShopEx ctl.member.php file SQL injection vulnerability - vulnerability warning - the black bar safety net
SQL injection vulnerability. Tested version: shopex-singel-4.8.5.78660. File: \core\shop\controller\ctl.member.php function delTrackMsg(){ if(!empty($_POST['deltrack'])){ $oMsg = &$this->system->loadModel('resources/msgbox'); $oMsg->delTrackMsg($_POST['deltrack']); $this->splash('success',...
Updated chromium-browser-stable packages fix security vulnerabilities
Updated chromium-browser-stable packages fix security vulnerabilities: Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling (CVE-2013-2881). Cloudfuzzer discovered a type confusion issue in the V8 JavaScript library (CVE-2013-2882). Cloudfuzzer discovered a...
CVE-2013-4806
The OSPF implementation on HP JD9A routers; HP J4A, J484B, J8A, JD3A, JEA, and JF55A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on...
Fedora Update for openstack-keystone FEDORA-2013-10713
Check for the Version of openstack-keystone. OpenVAS Vulnerability Test: Fedora Update for openstack-keystone FEDORA-2013-10713. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or...
gnupg / libcrypt RSA implementation flush+reload timing attack
Private key recovery by using CPU L3 cache timings...
[SECURITY] [DSA 2732-1] chromium-browser security update
Debian Security Advisory DSA-2732-1, http://www.debian.org/security/, Michael Gilbert, July 31, 2013, http://www.debian.org/security/faq ...
[SECURITY] Fedora 19 Update: wss4j-1.6.10-1.fc19
The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services...
[SECURITY] Fedora 19 Update: jacorb-2.3.1-8.fc19
This package contains the Java implementation of the OMG's CORBA standard...
[SECURITY] Fedora 18 Update: wss4j-1.6.10-1.fc18
The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services...
Design/Logic Flaw
The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3 servers sends a password hash to the client, which makes i...
Debian DSA-2735-1 : iceweasel - several vulnerabilities
Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: multiple memory safety errors, missing permission checks and other implementation errors may lead to the execution of arbitrary code, cross-site scripting, privilege escalation, bypass of t...