4456 matches found
Virtuozzo 7 : readykernel-patch (VZA-2017-008)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - Improved isolation for neighbor table settings. Note that Tenable Network Security has extracted the preceding...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-009)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Possible crash in memcpyfromiovecend triggered from inside container. - Improved isolation for neighbor...
ICSA-17-061-01_Eaton xComfort Ethernet Communication Interface
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Eaton Equipment: xComfort Ethernet Communication Interface Vulnerability: Improper Access Control AFFECTED PRODUCTS The following versions of xComfort Ethernet Communication Interface ECI, a building automation system...
Kernel security update: Virtuozzo ReadyKernel patch 12.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)
The cumulative Virtuozzo ReadyKernel patch updated with a security fix. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3. Vulnerability id: PSBM-59964 Improved isolation for neighbor table settings...
The vulnerability of the Android operating system, which allows a hacker to bypass the security measures of the operating system
The vulnerability in the Android operating system’s package manager is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the operating system’s defenses, which typically isolate malicious applications from other applications. This...
CVE-2017-0421
An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application...
CVE-2017-0420
An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not...
CVE-2017-0414
An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does...
CVE-2017-0414
An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does...
CVE-2017-0421
An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application...
UBUNTU-CVE-2017-0413
An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does...
CVE-2017-0413
An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does...
UBUNTU-CVE-2017-0414
An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does...
UBUNTU-CVE-2016-9932
CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix...
CVE-2016-5217
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page...
CVE-2016-5217
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page...
CVE-2016-5217
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page...
Design/Logic Flaw
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page...
UBUNTU-CVE-2016-5217
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page...
CVE-2016-5217
In the connected Debian advisory (DSA-3731-1) for chromium-browser, CVE-2016-5217 is described as 'insufficient validation' in the pdfium library. No further impact details are provided; remediation is to upgrade to chromium-browser 55.0.2883.75-1~deb8u1 (Jessie).