DEBIAN-CVE-2017-0350

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used in an offset calculation may lead to denial of service or potential escalation of privileges...

CVE-2017-0350

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used in an offset calculation may lead to denial of service or potential escalation of privileges...

CVE-2017-0351

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges...

CVE-2017-0350

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used in an offset calculation may lead to denial of service or potential escalation of privileges...

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

Siemens SIMATIC HMI Denial of Service Vulnerability

SIMATIC HMI is an industrial device from Siemens, Germany.SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. A denial of service vulnerability in the Siemens SIMATIC HMI Multi-Panel and HMI Mobile Panels, as well as in the S7-300/S7-400 devices, allows an...

CVE-2017-8058

Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call...

CVE-2017-5902

The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2017-5907

The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2017-6625

A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing...

CVE-2017-6628

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. T...

DEBIAN-CVE-2017-8373

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

ALPINE-CVE-2017-8373

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

PT-2017-18299 · Underbit Technologies +1 · Libmad +1

Name of the Vulnerable Software and Affected Versions: libmad version 0.15.1b Description: The issue allows remote attackers to cause a denial of service, which can lead to a heap-based buffer overflow and application crash, or possibly have other unspecified impacts. This is achieved through a...

PT-2017-18298 · Underbit Technologies +1 · Libmad +1

Name of the Vulnerable Software and Affected Versions: libmad version 0.15.1b Description: The issue allows remote attackers to cause a denial of service, resulting in an assertion failure and application exit, via a crafted audio file. This is related to the mad layer III function in layer3.c,...

Directory Traversal

github.com/appc/docker2aci is vulnerable to directory traversal vulnerabilities. The attacks can be conducted by including .. dot dot in the embedded layer data in an image and allows attackers to write to arbitrary files...

NVIDIA Linux GPU Display Driver contains missing permissions check and improper validation vulnerabilities - us

Lenovo Security Advisory: LEN-10962 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-7382, CVE-2016-7389 Summary Description: The NVIDIA GPU Display Driver for Linux contains two privilege escalation vulnerabilities. CVE-2016-7382...

Cisco ASA Software Denial of Service Vulnerability

Cisco ASA 1000V Cloud Firewall and so on are the products of the American Cisco Cisco company.Cisco ASA 1000V Cloud Firewall is a set of cloud firewall solutions.Cisco ASA 5500 Series Adaptive Security Appliances is the Cisco ASA 5500 Series Adaptive Security Appliances is the next generation of...

Akerun-Smart Lock Robot Man-in-the-Middle Attack Vulnerability

Akerun-Smart Lock Robot App for iOS is a smart lock system based on iOS platform. The system supports Bluetooth connection via cell phone, and you can share the permission to more family members and friends, etc. A security vulnerability exists in Akerun-Smart Lock Robot App for iOS versions prio...

CVE-2016-1186

Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates...