98 matches found
UBUNTU-CVE-2016-9436
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a tag...
kernel: Unauthorized access to IPC objects with SysV shm
A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to...
Google Chrome Denial of Service Vulnerability (CNVD-2015-07975)
Google Chrome is a web browser developed by the American company Google Google. The 'VideoFramePool::PoolImpl::CreateFrame' function in the media/base/videoframepool.cc file in Google Chrome versions prior to 47.0.2526.73 has a security vulnerability. Due to the program failing to properly...
USN-2829-2 linux-lts-vivid vulnerabilities
It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service system crash. CVE-2015-5283 Dmitry Vyukov discovered that the Linux kernel's keyring handler...
OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization...
Amazon Linux AMI : nspr (ALAS-2013-266)
A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. CVE-2013-5605 It was found that the fix for...
luci: paster hidden untrusted path and "command" (callable association) injection
A flaw was found in the way the luci service was initialized. If a system administrator started the luci service from a directory that was writable to by a local user, that user could use this flaw to execute arbitrary code as the root or luci user...
Updated python-suds package fixes security vulnerability
An insecure temporary directory use flaw was found in the way python-suds performed initialization of its internal file-based URL cache predictable location was used for directory to store the cached files. A local attacker could use this flaw to conduct symbolic link attacks, possibly leading to...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which...
DEBIAN-CVE-2013-4075
epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
This update fixes the following security issues : - A buffer overflow flaw was found in the loadmixervolumes function in the Linux kernel's Open Sound System OSS sound driver. On 64-bit PowerPC systems, a local, unprivileged user could use this flaw to cause a denial of service or escalate their...
RedHat Update for kernel RHSA-2011:0007-01
Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2011:0007-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Design/Logic Flaw
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...
CentOS Update for kernel CESA-2011:0833 centos5 i386
Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2011:0833 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
kernel security update
CentOS Errata and Security Advisory CESA-2011:0833 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
Updated kernel-rt packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise MRG 1.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Design/Logic Flaw
net/packet/afpacket.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAPNETRAW capability to read copies of the applicable structures...
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...