4336 matches found
WordPress < 4.2.4 Multiple Vulnerabilities
Binary data 9031.prm...
Oracle Linux 6 / 7 : openssl (ELSA-2015-2617)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2617 advisory. - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - rac...
openssl security update
1.0.1e-51.1 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint 1.0.1e-51 - fix the CVE-2015-1791 fix broken server side renegotiation 1.0.1e-50 - improved fi...
Oracle Linux 7 : openssh (ELSA-2015-2088)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2088 advisory. - Security fixes released with openssh-6.9 CVE-2015-5352 1247864 - XSECURITY restrictions bypass under certain conditions in ssh1 1238231 - weakness of...
openssh security, bug fix, and enhancement update
6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...
CVE-2012-3452
gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen locking and access an unattended workstation...
Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw
Samsung fimg2d - FIMG2DBITBLTBLIT ioctl Concurrency Flaw Source: https://code.google.com/p/google-security-research/issues/detail?id=492 The Samsung Graphics 2D driver /dev/fimg2d is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains...
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address the following: Accelerate Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiti...
LockerPin Ransomware Resets PIN and Permanently Locks Your SmartPhones
Your device's lock screen PIN is believed to keep your phone's contents safe from others, but sadly not from a new piece of ransomware that is capable of hijacking safety of your Android devices. A group of security researchers has uncovered what is believed to be the first real example of malwar...
CVE-2015-6745
Basware Banking Maksuliikenne 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability typ...
Security feature bypass
Basware Banking Maksuliikenne 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability typ...
Security feature bypass
Basware Banking Maksuliikenne before 8.90.07.X relies on the client to enforce 1 login verification, 2 audit trail creation, and 3 account locking, which allows remote attackers to "disrupt security-critical functions" by "dropping network traffic." NOTE: this identifier was SPLIT from...
CVE-2015-6745
Basware Banking Maksuliikenne 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability typ...
CVE-2015-6745
Baseline affected software: Basware Banking (Maksuliikenne), version 8.90.07.X and earlier. Vulnerability: the product relies on the client to enforce account locking, enabling a local attacker to bypass the security mechanism by deleting entries in the locking list (or locking table). Root cause...
CVE-2015-6744
Basware Banking Maksuliikenne before 8.90.07.X relies on the client to enforce 1 login verification, 2 audit trail creation, and 3 account locking, which allows remote attackers to "disrupt security-critical functions" by "dropping network traffic." NOTE: this identifier was SPLIT from...
Race condition
Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error...
Debian Security Advisory DSA 3332-1 (wordpress - security update)
Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-2213 SQL Injection allowed a remote attacker to compromise the site. CVE-2015-5622 The robustness of the shortcodes HTML tags filter has been improved. The parsing is a bit more strict, which may affect yo...
Fedora 22 : openssh-6.9p1-1.fc22 (2015-11063)
This update brings security fix for two announced vulnerabilities. Namely XSECURITY restrictions bypass under certain conditions AND weakness of agent locking ssh-add -x to password guessing more info in related bugs. It also provides new version of openssh-6.9 which is bringing many bugfixes and...
Fedora 21 : openssh-6.6.1p1-13.fc21 (2015-11067)
This update brings security fix for two announced vulnerabilities. Namely XSECURITY restrictions bypass under certain conditions AND weakness of agent locking ssh-add -x to password guessing more info in related bugs. For more information see related bugs. Note that Tenable Network Security has...
OpenSSH < 6.9 Multiple Vulnerabilities
According to its banner, the version of OpenSSH running on the remote host is prior to 6.9. It is, therefore, affected by the following vulnerabilities : - A flaw exists within the x11openhelper function in the 'channels.c' file that allows connections to be permitted after 'ForwardX11Timeout' ha...