462 matches found
Security update for MozillaFirefox (important)
This update for MozillaFirefox to version 51.0.1 fixes security issues and bugs. These security issues were fixed: CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP bmo1325200, boo1021814 CVE-2017-5376: Use-after-free in XSL bmo1311687, boo1021817 CVE-2017-5377: Memory...
Cisco Warns of Critical Flaw in CloudCenter Orchestrator Systems
Cisco Systems released a critical security bulletin for a vulnerability that could allow an attacker to gain root privileges on affected CloudCenter Orchestrator systems. The company released workaround instructions to mitigate the flaw along with making a software fix available for download. “Th...
Brave Software: [iOS/Android] Address Bar Spoofing Vulnerability
Hello, I am Aaditya Purani, I would like to Report Address Bar spoofing vulnerability in Brave Browser on the IOS as well as Android Platform. All the Test have been carried out against Latest Brave Browser whose versions i have mentioned in Products affected section. Summary: Brave Browser Suffe...
Free Tool Protects Mac Users from Webcam Surveillance
DENVER—Hijacking a user’s webcam is one of the more dastardly tactics used for surveillance. In most cases the attacker can use a number of different webcam-aware malware samples to quietly turn on and record audio and video from the target’s machine. Doing so, however, also turns on the embedded...
Androguard - Reverse engineering, Malware and goodware analysis of Android applications
Reverse engineering, Malware and goodware analysis of Android applications ... and more ninja ! Features Androguard is a full python tool to play with Android files. Map and manipulate DEX/ODEX/APK/AXML/ARSC format into full Python objects, Diassemble/Decompilation/Modification of DEX/ODEX/APK...
DEBIAN-CVE-2016-4954
The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...
UBUNTU-CVE-2016-4954
The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...
My Weather Indicator - BSD license, Corrupted files, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application My Weather Indicator published at the 'play' market has multiple vulnerabilities...
Sensor Indicator - SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Sensor Indicator published at the 'play' market has multiple vulnerabilities...
Zendesk: Race Condition in Article "Helpful" Indicator
See title...
CVE-2015-8217
The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...
DEBIAN-CVE-2015-8217
The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...
UBUNTU-CVE-2015-8217
The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...
CVE-2015-8217
The CVE-2015-8217 vulnerability in FFmpeg (libavcodec/hevc_ps.c) arose from not validating the Chroma Format Indicator, allowing a crafted HEVC stream to trigger an out-of-bounds array access and potential DoS. Connected advisories confirm FFmpeg up to version 2.8.2 fixed this issue by adding a c...
CVE-2015-8217
The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...
Address-Spoofing Bug Haunts Android Stock Browser
There’s an easily exploitable vulnerability in the Android stock browser that enables an attacker to spoof the URL in the address bar and force a victim to visit a malicious site while believing he is visiting a benign one. Security researcher Rafay Baloch discovered the vulnerability and develop...
Certificate Transparency Moves Forward With First Independent Log
The Certificate Transparency scheme proposed by Google engineers has taken a couple of significant steps forward recently, with the approval of the first independent certificate log and the passing of a deadline for all extended validation certificates to be CT-compliant or lose the green indicat...
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0893-1)
Changes in icedtea-web with update to 1.4 bnc818768 : - Added cs, de, pl localization - Splash screen for javaws and plugin - Better error reporting for plugin via Error-splash-screen - All IcedTea-Web dialogues are centered to middle of active screen - Download indicator made compact for more th...
UBUNTU-CVE-2014-3204
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys...
Ubuntu Update for indicator-datetime USN-2186-1
Check for the Version of indicator-datetime OpenVAS Vulnerability Test $Id: gbubuntuUSN21861.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for indicator-datetime USN-2186-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This...