9136 matches found
CVE-2012-2891
The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors...
Information disclosure
The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors...
CVE-2012-2891
CVE-2012-2891 affects Chromium/Google Chrome IPC memory handling. The IPC implementation in Chrome before 22.0.1229.79 can leak memory-address information via unspecified vectors, exposing potentially sensitive process memory details. Multiple connected advisories corroborate Chromium/Chromium-ba...
Important: Red Hat Security Advisory: openssl security update
An update for the OpenSSL component for JBoss Enterprise Web Server 1.0.2 for Solaris and Microsoft Windows that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common...
Design/Logic Flaw
The Passcode Lock implementation in Apple iOS before 6 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors...
Design/Logic Flaw
The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly handle purchase attempts after a Disable Restrictions action, which allows local users to bypass an intended Apple ID authentication step via an app that performs purchase transactions...
Android 4.0.4 multiple Zero-Day Vulnerabilities
The Samsung Galaxy S3 can be hacked via NFC, allowing attackers to download all data from the Android smartphone, security researchers demonstrated during the Mobile Pwn2Own contest in Amsterdam. Using a pair of zero day vulnerabilities, a team of security researchers from U.K.-based MWR Labs...
[SECURITY] Fedora 18 Update: jabberd-2.2.17-1.fc18
The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...
CVE-2012-3923
The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka...
CVE-2012-3915
CVE-2012-3915 affects Cisco IOS 15.2 DMVPN tunnel implementation. The issue allows remote attackers to cause a denial of service by sending a large volume of hub-to-spoke traffic, creating a persistent IKE state (Bug ID CSCtq39602). Connected records confirm the vulnerable component and outcome b...
CVE-2012-3893
The CVE identifies a vulnerability in Cisco IOS FlexVPN: FlexVPN in IOS 15.2 and 15.3 allows remote authenticated users to cause a denial of service (spoke crash) via spoke-to-spoke traffic (Bug ID CSCtz02622). Affected product: Cisco IOS with FlexVPN functionality; attack vector is network-expos...
Group Picker Should Not Listed All Groups
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFCLOUD-26600. Confluence will display all groups registered on it when users access any group picker and put value as its search...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1556-1)
Chen Haogang discovered an integer overflow that could result in memory corruption. A local unprivileged user could use this to crash the system. (CVE-2012-0044) A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this...
Mandrake Linux Security Advisory : Zope (MDKSA-2000:035)
A problem exists in the Zope package with the getRoles method of user objects contained in the default UserFolder implementation. Users with the ability to edit DTML could arrange to give themselves extra roles for the duration of a single request by mutating the roles list as a part of the reque...
Information disclosure
The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors...
CVE-2012-2867
The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors...
CentOS Update for thunderbird CESA-2012:1211 centos5
Check for the Version of thunderbird. OpenVAS Vulnerability Test: CentOS Update for thunderbird CESA-2012:1211 centos5. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify i...
CVE-2012-3968
Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a...
CVE-2012-3961
Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service heap...
Memory corruption
The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows...