118 matches found
Unbreakable Enterprise kernel security update
4.1.12-124.40.6 - ipv4: ipv4defaultadvmss should use route mtu Eric Dumazet Orabug: 31563095 - net: ipv4: Refine the ipv4defaultadvmss Gao Feng Orabug: 31563095 4.1.12-124.40.5 - Revert 'bnxten: Remove busy poll logic in the driver.' Brian Maly Orabug: 28151475 - md: batch flush requests. NeilBro...
Updated kernel packages fix security vulnerabilities
This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NUll pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel. Other fixes added in this update: - x86/MCE/AMD...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.2.5 machine-os-content-container security update
An update for machine-os-content-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Memory Corruption Vulnerability in LSIS Configuration Software
LSIS configuration software is a configuration software of LeStar Industrial Electronics Wuxi Co. A memory corruption vulnerability exists in the mce project file handling of LSIS configuration software, which can be exploited by attackers to execute malicious code...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.29.1 - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059183 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric Dumazet Orabug: 2505918...
Unbreakable Enterprise kernel security update
4.1.12-124.24.1 - pinctrl: amd: Use devmpinctrlregister for pinctrl registration Laxman Dewangan Orabug: 27539246 CVE-2017-18174 - mlock: fix mlock count can not decrease in race condition Yisheng Xie Orabug: 27677611 CVE-2017-18221 - perf/core: Fix the perfcputimemaxpercent check Tan Xiaojun...
Unbreakable Enterprise kernel security update
4.1.12-124.18.9 - rebuild bumping release 4.1.12-124.18.8 - Cipso: cipsov4optptr enter infinite loop yujuan.qi Orabug: 28563992 CVE-2018-10938 - Btrfs: fix listadd corruption and soft lockups in fsync Liu Bo Orabug: 28119834 - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests Peter...
jfv-weimar.de XSS vulnerability
Open Bug Bounty ID: OBB-648983 Description| Value ---|--- Affected Website:| jfv-weimar.de Open Bug Bounty Program:| View Open Bug Bounty Program Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Oracle: Security Advisory (ELSA-2008-0612)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : Xen (SUSE-SU-2015:0746-1)
The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : CVE-2015-2756: XSA-126: Unmediated PCI command register access in qemu could have lead to denial of service attacks against the host, if PCI cards are passed through...
UBUNTU-CVE-2012-4230
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the 1 encoding directive and 2 validelements attribute, which allows attackers to conduct cross-site scripting XSS attacks via application-specific vectors, as demonstrated using a textarea element...
Mambo CMS 4.6.5 Denial Of Service / Disclosure
Larry W. Cashdollar 1/2/2012 http://vapid.dhs.org About Mambo: "Mambo is a full-featured content management system that can be used for everything from simple websites to complex corporate applications." http://mambo-code.org 1. Clear text password/crypt: Mambo stores mysql database password in...
RuubikCMS < v1.0.3 Shell Upload Vulnerability
Exploit for php platform in category web applications Exploit Title : RuubikCMS v1.0.3 Shell Upload Vulnerability Google Dork : Powered by RuubikCMS Date : 2011-03-06 Author : Alexander Software Link : http://www.ruubikcms.com Version : v1.0.3 Test On : Linux/php CVE : Web Applications === Exploi...
Oracle Enterprise Linux 5.5 kernel security and bug fix update
2.6.18-194.el5 - net mlx4: pass attributes down to vlan interfaces Doug Ledford 573098 - block cfq-iosched: fix sequential read perf regression Jeff Moyer 571818 2.6.18-193.el5 - fs gfs2: locking fix for potential dos Steven Whitehouse 572390 CVE-2010-0727 - acpi powermeter: avoid oops on driver...
kernel security update
CentOS Errata and Security Advisory CESA-2008:0612 Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages...
kernel security and bug fix update
2.6.18-92.1.10.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki orabug 6045759 - splice Fix bad unlockpage in error case Jens Axboe orabug 6263574 - dio fix error-path crashes Linus Torvalds orabug 6242289 - NET fix netpoll race Tina Yang orabugz 5791 2.6.18-92.1.10.el5 - ia64...
SuSE 10 Security Update : Xen (ZYPP Patch Number 2155)
This update includes both bug fixes and security fixes for Xen. A summary of the fixes appears below: 151105 - Fix various 'leaks' of loopback devices w/ domUloader 162865 - Re-send all page tables when migrating to avoid oops 167145 - Add status messages during file backed disk creation 176369 -...
.NET 1.0 SP3 Tablet/MCE
This is used for updates that target .NET Framework 1.0 SP3 Tablet/MCE OCM Patches...