Lucene search

3828 matches found

Ubuntu
added 2016/05/06 8:37 p.m., 102 views

USN-2965-4: Linux kernel (Qualcomm Snapdragon) vulnerability

Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. Ralf Spenneberg discovered that the...

CVSS 10, AI score 6.8, EPSS 0.2593
Exploits 32

OSV
added 2016/04/27 5:59 p.m., 2 views

DEBIAN-CVE-2016-3672

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

CVSS 7.8, AI score 7, EPSS 0.0117
Exploits 12, References 1

Positive Technologies
added 2016/04/27 12:00 a.m., 6 views

PT-2016-5648 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.5.2. Description: The issue concerns the arch_pick_mmap_layout function in the Linux kernel, which fails to properly randomize the legacy base address. This makes it easier for local users to bypass the ASLR...

CVSS 10, AI score 7.4, EPSS 0.84172
Exploits 113, References 705

OSV
added 2016/04/27 12:00 a.m., 4 views

UBUNTU-CVE-2016-3672

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

CVSS 7.8, AI score 7, EPSS 0.0117
Exploits 12, References 17

NVD
added 2016/04/25 2:59 p.m., 17 views

CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization...

CVSS 4.3, AI score 6, EPSS 0.14359
Exploits 0, References 17

Prion
added 2016/04/25 2:59 p.m., 36 views

Stack overflow

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization...

CVSS 4.3, AI score 6.6, EPSS 0.14359
Exploits 0, References 17, Affected Software 3

CVE
added 2016/04/25 2:00 p.m., 145 views

CVE-2016-4053

CVE-2016-4053 in Squid allowed public information disclosure of the server stack layout when processing ESI responses. The issue is documented across multiple advisories (Debian, Red Hat/CentOS, Fedora, Amazon ALAS) with fixes in various branches: Debians fixed squid3 3.1.20-2.2+deb7u5; Jessie/St...

CVSS 4.3, AI score 5.8, EPSS 0.14359
Exploits 0, References 17, Affected Software 1

UbuntuCve
added 2016/04/25 12:00 a.m., 31 views

CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization...

CVSS 4.3, AI score 6.8, EPSS 0.14359
Exploits 0, References 3

OSV
added 2016/04/25 12:00 a.m., 5 views

UBUNTU-CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization...

CVSS 3.7, AI score 6.7, EPSS 0.14359
Exploits 0, References 4

ArchLinux
added 2016/04/23 12:00 a.m., 57 views

squid: multiple issues

- CVE-2016-4051 (denial of service): Due to incorrect buffer management, the Squid cachemgr.cgi tool is vulnerable to a buffer overflow when processing remotely supplied inputs relayed to it from Squid.
- CVE-2016-4052 (denial of service): Due to buffer overflow issues, Squid is vulnerable to a denial of...

CVSS 6.8, AI score 4.5, EPSS 0.77559
Exploits 0, References 6

NVD
added 2016/04/18 3:59 p.m., 12 views

CVE-2016-3971

Cross-site scripting (XSS) vulnerability in lucene_search.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout...

CVSS 4.8, AI score 5, EPSS 0.00659
Exploits 1, References 2

myhack58
added 2016/04/14 12:00 a.m., 29 views

Illustrated CVE-2015-1805 - vulnerability warning - the black bar safety net

CVE-2015-1805 is a general-purpose Linux kernel vulnerability that allows writing an arbitrary value to an arbitrary address. This vulnerability is worth commemorating; here it is described intuitively with four figures: (figure: the initial memory layout) (figure: first copy) (figure: redo the second copy after) (figure: third copy)...

AI score 0.1, EPSS 0.01407
Exploits 3

BDU FSTEC
added 2016/04/14 12:00 a.m., 6 views

The vulnerability of the Silverlight software platform, which allows a hacker to bypass the ASLR protection mechanism

The vulnerability of the Silverlight software platform is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using a specially crafted web page...

CVSS 4.3, AI score 5.5, EPSS 0.16634
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2016/04/14 12:00 a.m., 5 views

The vulnerability of the Silverlight software platform, which allows a hacker to bypass the ASLR protection mechanism

The vulnerability of the Silverlight software platform is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using a specially crafted web page...

CVSS 4.3, AI score 5.4, EPSS 0.19485
Exploits 0, References 2, Affected Software 1

Patchstack
added 2016/04/12 12:00 a.m., 8 views

WordPress MiniMax Plugin <= 2.0.2 - Cross Site Scripting

This vulnerability is in ./page-layout-builder/includes/layout-settings.php. Solution: Update the plugin...

AI score 1.9
Exploits 0, References 1, Affected Software 1

ArchLinux
added 2016/04/10 12:00 a.m., 46 views

flashplugin: multiple issues

- CVE-2016-1006 (JIT spraying mitigation bypass): These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations.
- CVE-2016-1015 CVE-2016-1019 (arbitrary code execution): These updates resolve type confusion vulnerabilities that could...

CVSS 10, AI score 1.9, EPSS 0.25639
Exploits 5, References 26

OSV
added 2016/04/09 1:59 a.m., 1 views

CVE-2016-1006

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data...

CVSS 8.1, AI score 5.8, EPSS 0.03906
Exploits 0, References 6

OSV
added 2016/04/09 1:59 a.m., 2 views

UBUNTU-CVE-2016-1006

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data...

CVSS 9.8, AI score 7.1, EPSS 0.03906
Exploits 0, References 3

RedHat Linux
added 2016/04/08 12:55 p.m., 3 views

flash-plugin: multiple code execution issues fixed in APSB16-10

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data...

CVSS 8.1, AI score 5.8, EPSS 0.03906
Exploits 0, References 6

CNVD
added 2016/04/08 12:00 a.m., 2 views

Adobe Flash Player Memory Misreference Vulnerability (CNVD-2016-02105)

Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product supports cross-screen and browser viewing of applications, content and videos. A memory misreference vulnerability exists in Adobe Flash Player. An attacker could exploit this vulnerability to...

CVSS 8.1, AI score 7.4, EPSS 0.03906
Exploits 0, References 1