8704 matches found
UBUNTU-CVE-2016-9962
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...
DEBIAN-CVE-2016-7798
The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism...
UBUNTU-CVE-2016-7798
The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism...
CVE-2016-9435
The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to tags...
CVE-2016-9436
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a tag...
UBUNTU-CVE-2016-9436
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a tag...
openSUSE Security Update : gstreamer-plugins-bad (openSUSE-2017-63)
This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes : - Check an integer overflow CVE-2016-9445 and initialize a buffer CVE-2016-9446 in vmncdec. bsc1010829 - CVE-2016-980...
MGASA-2016-0425 Updated hdf5 packages fix security vulnerabilities
In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution CVE-2016-4330. When decoding data out of a dataset...
CVE-2016-9756
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment CS in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2016-9756
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment CS in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2016-9756
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment CS in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144) Exploit
Exploit for windows platform in category dos / poc 1; , set: function ; function f var i = Intl; Intl = ; // this somehow prevents an exception that prevents laoding di, "Collator", noobj;...
Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144)
1; , set: function ; function f var i = Intl; Intl = ; // this somehow prevents an exception that prevents laoding di, "Collator", noobj; Object.defineProperty = f; var q = new Intl.NumberFormat...
Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144)
Microsoft Edge - Internationalization Initialization Type Confusion MS16-144 1; , set: function ; function f var i = Intl; Intl = ; // this somehow prevents an exception that prevents laoding di, "Collator", noobj; Objec...
About the security content of iTunes 12.5.4 for Windows
About the security content of iTunes 12.5.4 for Windows This document describes the security content of iTunes 12.5.4 for Windows. For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
CVE-2016-6606
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...
Default credentials
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...
UBUNTU-CVE-2016-6606
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...
CVE-2016-6606
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...
CVE-2016-6606
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...