The vulnerability of the Audio Hardware Abstraction Layer interface of the Media Framework component in the Android operating system allows a hacker to increase their privileges.

The vulnerability of the Audio Hardware Abstraction Layer HAL component of the Android operating system’s Media Framework is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

CVE-2017-12273

A vulnerability in 802.11 association request frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency RF adjacent attacker to cause the Access Point AP to reload, resulting in a denial of service DoS condition. The...

CVE-2017-1000122

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service release assertion of the UI process. This vulnerability does not affect Apple products...

CVE-2017-1000122

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service release assertion of the UI process. This vulnerability does not affect Apple products...

CVE-2017-1000121

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products...

CVE-2017-1000122

CVE-2017-1000122 affects WebKitGTK+ (WebKit) prior to 2.16.3. The UNIX IPC layer fails to properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) in the UI process. This does not affect Apple products. A remediation is ...

CVE-2017-14992

Lack of content verification in Docker-CE Also known as Moby versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing...

CVE-2017-14992

Lack of content verification in Docker-CE Also known as Moby versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing...

UBUNTU-CVE-2017-14992

Lack of content verification in Docker-CE Also known as Moby versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing...

[SECURITY] Fedora 26 Update: SDL2-2.0.7-1.fc26

Simple DirectMedia Layer SDL is a cross-platform multimedia library desig ned to provide fast access to the graphics frame buffer and audio device...

Unspecified Vulnerability in Apple iOS and macOS Sierra 802.1X

Apple iOS and macOS Sierra are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; macOS Sierra is a specialized operating system developed for Mac computers. 802.1X is one of the Client or Server-based access control and authentication protocol components. A...

ALPINE-CVE-2017-1000256

libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default...

tls-alpn NSE Script

Enumerates a TLS server's supported application-layer protocols using the ALPN protocol. Repeated queries are sent to determine which of the registered protocols are supported. For more information, see: Script Arguments mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port,...

CVE-2017-6161

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually...

App Layering 2.x/3.x: Best Practices

A consolidation of the various layering best practices to apply in the OS and App layers. For App Layering 4.x Best Practices, please refer here:https://support.citrix.com/article/CTX225952 Operating System Layer Have one Operating System layer per Operating System Windows 7 32-bit, Windows 7...

Citrix App Layering 4.x: Best Practices

Table of Contents Operating System Layer Operating System Patching Platform Layers Application Layers - Before Install Installation Applications Application Patching Elastic Layers Maintenance Operating System Layer Have one Operating System layer per Operating System Windows 7 32-bit, Windows 7...

The vulnerability of the Network Address Translation (NAT) mechanism implemented in the Cisco IOS operating system allows a hacker to cause a service failure and restart the device.

The vulnerability of the Network Address Translation NAT mechanism implemented by the Cisco IOS operating system is related to resource management errors incorrect translation of H.323 messages through the application-level gateway, using the Registration, Admission, and Status RAS protocol...

Ubuntu: Security Advisory (USN-3461-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : NVIDIA graphics drivers vulnerabilities (USN-3461-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3461-1 advisory. It was discovered that the NVIDIA graphics drivers contained flaws in the kernel mode layer. A local attacker could use these issues to cause...

USN-3461-1 nvidia-graphics-drivers-384 vulnerabilities

It was discovered that the NVIDIA graphics drivers contained flaws in the kernel mode layer. A local attacker could use these issues to cause a denial of service or potentially escalate their privileges on the system...