Oracle Linux 4 : kernel (ELSA-2009-1211)

From Red Hat Security Advisory 2009:1211 : Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2033)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2033 advisory. - ipv6: make fragment identifications less predictable Joe Jin CVE-2011-2699 - vlan: fix panic when handling priority tagged frames Joe Jin...

CVE-2013-2875

core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...

CVE-2013-2875

core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...

CVE-2013-2875

The CVE-2013-2875 entry affects Google Chrome/Blink’s SVG rendering path. Specifically, core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation before Chrome 28.0.1500.71 is vulnerable. The issue allows remote attackers to trigger a denial of service via out-of-bounds reads, with vector...

CVE-2013-4784

The HP Integrated Lights-Out iLO BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 aka cipher zero and an arbitrary password...

Qi Bo cms back-end database tool at the filter is not strictly the actuator can be written in a word-vulnerability and early warning-the black bar safety net

If your account password is leaked then you're in danger. in the background can directly get a webshell The background for the convenience of webmasters to have a database tool where the implementation Select '%execute request"value"%' into outfile 'F:/wwwroot/shiyanshi/cache/1.asp'; Just write t...

CVE-2013-2206

The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...

CVE-2013-2206

The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...

Null pointer dereference

The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...

CVE-2013-2206

CVE-2013-2206 concerns the Linux kernel SCTP implementation. The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c does not properly handle associations during processing of a duplicate COOKIE ECHO chunk, allowing remote attackers to trigger a denial of service via NULL pointer derefer...

CVE-2013-0558

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive information about application implementation via unspecified vectors...

CVE-2013-0475

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020,...

Code injection

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-3020, CVE-2013-0568,...

Design/Logic Flaw

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive information about application implementation via unspecified vectors...

CVE-2013-2985

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568,...

CVE-2013-0475

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020,...

CVE-2013-3401

The CVE-2013-3401 issue affects the SIP implementation in Cisco TelePresence TC Software. It arises from errors in the SIP stack that allow an unauthenticated, remote attacker to cause unintended NOTIFY messages, potentially impacting the integrity of communications. Cisco’s advisory notes that e...

Cisco TC Software SIP Implementation Vulnerability

A vulnerability in the Session Initiation Protocol SIP implementation used in TC Software could allow an unauthenticated, remoteattacker to cause an endpoint to process unintended SIP NOTIFY messages. The vulnerability is due to errors in the SIP implementation. An attacker could exploit this...

CVE-2013-1694

The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service application crash or...