JLSEC-2026-151 In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could...

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

CVE-2022-4384

The Stream WordPress plugin before 3.9.2 does not prevent users with little privileges on the site like subscribers from using its alert creation functionality, which may enable them to leak sensitive information...

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0452-1)

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel bnc1181349...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0041)

The remote OracleVM system is missing necessary patches to address critical security updates : - can: peakusb: pcanusbfd: Fix info-leaks to USB devices Tomas Bortoli Orabug: 31351221 CVE-2019-19535 - media: hdpvr: Fix an error handling path in hdpvrprobe Arvind Yadav Orabug: 31352053 CVE-2017-166...

Unbreakable Enterprise kernel security update

4.1.12-124.42.3 - can: peakusb: pcanusbfd: Fix info-leaks to USB devices Tomas Bortoli Orabug: 31351221 CVE-2019-19535 - media: hdpvr: Fix an error handling path in hdpvrprobe Arvind Yadav Orabug: 31352053 CVE-2017-16644 - fs/binfmtmisc.c: do not allow offset overflow Thadeu Lima de Souza Cascard...

Debian DLA-1799-2 : linux security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. This updated advisory text adds a note about the need to install new binary packages. CVE-2018-5995 ADLab of VenusTech discovered that the kernel logge...

AWS FreeRTOS Bugs Allow Compromise of IoT Devices

Researchers have found that a popular Internet of Things real-time operating system – FreeRTOS – is riddled with serious vulnerabilities. The bugs could allow hackers to crash connected devices in smart homes or critical infrastructure systems, leak information from the devices’ memory, and take...

Microsoft Windows NTFS File System Metadata Disclosures Exploit

The Microsoft Windows Kernel suffers from multiple stack and pool memory disclosures into NTFS file system metadata. Windows Kernel multiple stack and pool memory disclosures into NTFS file system metadata CVE-2017-11880 We have discovered that the NTFS.sys driver writes uninitialized kernel stac...

The Tor Project to Beef Up Privacy with Next-Generation of Onion Services

The Tor Project has made some significant changes to its infrastructure by improving the way the 'onion' network protects its users' privacy and security. Since the beginning, the largest free online anonymity network has been helping users browse the web anonymously, and its onion service provid...

Debian DSA-3952-1 : libxml2 - security update

Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the...

X360 VideoPlayer ActiveX Control Buffer Overflow Exploit

This Metasploit module exploits a buffer overflow in the VideoPlayer.ocx ActiveX installed with the X360 Software. By setting an overly long value to 'ConvertFile',an attacker can overrun a .data buffer to bypass ASLR/DEP and finally execute arbitrary code. This module requires Metasploit:...

openSUSE Security Update : kernel (openSUSE-SU-2013:1971-1)

The Linux Kernel was updated to fix various security issues and bugs. - sctp: Use correct sideffect command in duplicate cookie handling bnc826102, CVE-2013-2206. - Drivers: hv: util: Fix a bug in util version negotiation code bnc838346. - vmxnet3: prevent div-by-zero panic when ring resizing...

Unbreakable Enterprise Kernel security update

kernel-uek 2.6.32-400.33.3uek - afkey: fix info leaks in notify messages Mathias Krause Orabug: 17837974 CVE-2013-2234 - drivers/cdrom/cdrom.c: use kzalloc for failing hardware Jonathan Salwan Orabug: 17837971 CVE-2013-2164 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook...

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2013-2538)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2538 advisory. - Bluetooth: RFCOMM - Fix missing msgnamelen update in rfcommsockrecvmsg Mathias Krause Orabug: 17173830 CVE-2013-3225 - Bluetooth: fix possible in...

Updated kernel-rt package fixes security issues.

This kernel-rt update provides the extended stable 3.8.13.4 kernel and fixes the follwing security issues: The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access t...

Updated kernel-vserver package fixes security issues

This kernel-vserver update provides the upstream 3.4.52 kernel and fixes the follwing security issues: The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to...

SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7164)

This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several critical security issues. The following security issues were fixed : - Incorrect buffer handling in the biarch-compat buffer handling could be used by local attackers to gain root privileges. This problem affects foremos...

kernel security and bug fix update

2.4.21-63.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - io to nfs partition hangs ora 5088963 - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli 2.4.21-63.EL - fs: fix pipe nul...

kernel security and bug fix update

2.6.18-128.1.14.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...

GLSA-200605-08 : PHP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200605-08 PHP: Multiple vulnerabilities Several vulnerabilities were discovered on PHP4 and PHP5 by Infigo, Tonu Samuel and Maksymilian Arciemowicz. These included a buffer overflow in the wordwrap function, restriction bypasses i...