1907 matches found
MGASA-2014-0007 Updated nodejs package fixes security vulnerabilities
A denial of service flaw was found in the way Node.js handled pipelined HTTP requests. A remote attacker could use this flaw to send an excessive amount of HTTP requests over a network connection, causing Node.js to use an excessive amount of memory and possibly exit when all available memory is...
[SECURITY] Fedora 20 Update: nginx-1.4.4-1.fc20
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
Veeam ONE v7 R2 update
Challenge Release Notes for Veeam ONE v7 R2 update Cause Please confirm you are running version 7.0.0.876 prior to installing this update. You can check this under Help | About in Veeam ONE Monitor Client. After upgrading, your build will be version 7.0.0.919. This update should be applied to...
qt4-xml -- XML Entity Expansion Denial of Service
Richard J. Moore reports: QXmlSimpleReader in Qt versions prior to 5.2 supports expansion of internal entities in XML documents without placing restrictions to ensure the document does not cause excessive memory usage. If an application using this API processes untrusted data then the application...
Fedora Update for nginx FEDORA-2013-21826
Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2013-21826 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
[SECURITY] Fedora 19 Update: nginx-1.4.4-1.fc19
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:267)
Updated java-1.7.0-openjdk packages fix security vulnerabilities : Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-235)
Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...
RedHat Update for java-1.6.0-openjdk RHSA-2013:1505-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: java-1.6.0-openjdk security update
Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
libipa_hbac, sssd security update
CentOS Errata and Security Advisory CESA-2013:1319 Updated sssd packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVS...
Low: Red Hat Security Advisory: sssd security and bug fix update
Updated sssd packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
Amazon Linux AMI : bind (ALAS-2013-176)
A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. CVE-2013-2266 C Tenable Network Security, Inc. The...
Veeam Backup Temporary Snapshot
Challenge A snapshot named VEEAM BACKUP TEMPORARY SNAPSHOT is found on a VMware Virtual Machine. Cause As detailed in the Veeam Backup & Replication User Guide, a snapshot is created on a VM that is being processed by a Veeam job. This creation of this snapshot causes the VM's base disks to be in...
[SECURITY] Fedora 18 Update: nginx-1.2.9-1.fc18
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
[SECURITY] Fedora 19 Update: nginx-1.4.1-1.fc19
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
Mandriva Linux Security Advisory : subversion (MDVSA-2013:153)
Multiple vulnerabilities has been found and corrected in subversion : Subversion's moddavsvn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. This can lead to a DoS. There are no known instances of this problem being...
Debian DSA-2656-1 : bind9 - denial of service
Matthew Horsfall of Dyn, Inc. discovered that BIND, a DNS server, is prone to a denial of service vulnerability. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash...
Important: Red Hat Security Advisory: bind security and bug fix update
Updated bind packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...