1879 matches found
CVE-2018-15470
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not...
CVE-2018-15470
CVE-2018-15470 affects Xen up to 4.11.x. The oxenstored writes handling depends on the evaluation order of tuple subexpressions (OCaml order not specified), which can cause the configured quota-maxentity to be unenforced. This permits a malicious/buggy guest to create unbounded Xenstore entries, ...
libxml2: Unrestricted memory usage in xz_head() function in xzlib.c
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...
Debian DLA-1466-1 : linux-4.9 security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-5390 (SegmentSmack): Juha-Matti Tilli discovered that a remote attacker can trigger the worst case code paths for TCP stream reassembly with low rates of specially...
Debian DSA-4272-1 : linux - security update
CVE-2018-5391 (FragmentSmack): Juha-Matti Tilli discovered a flaw in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker can take advantage of this flaw to trigger time and calculation expensive fragment reassembly algorithms by sending specially...
[SECURITY] [DSA 4272-1] linux security update
Debian Security Advisory DSA-4272-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 14, 2018 https://www.debian.org/security/faq ...
OPENSUSE-SU-2018:2327-1 Security update for python-Django
This update for python-Django to 1.11.15 fixes the following issues. This security issue was fixed: CVE-2018-14574: Prevent open redirect in django.middleware.common.CommonMiddleware (bsc#1102680). These non-security issues were fixed: Fixed WKBWriter.write and write_hex for empty polygons on GEO...
Information disclosure
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage...
Monitoring NetScaler SD-WAN Network/System
Complete the following steps to monitor statistics related to Network interfaces and System statistics like CPU/Memory: Under Monitoring - Appliance Reports: SubSystem / Network / System. You can monitor Traffic/Errors/Packet drops at Interface level, Load Average, Network Status. Check CPU and Memory...
Fedora 27 : php (2018-6f37f99641)
PHP version 7.1.20 (19 Jul 2018). Core: - Fixed bug php76534 (PHP hangs on 'illegal string offset on string references with an error handler). (Laruence) - Fixed bug php76502 (Chain of mixed exceptions and errors does not serialize properly). (Nikita) Date: - Fixed bug php76462 (Undefined property:...
CVE-2018-14678
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen...
CVE-2018-14678
CVE-2018-14678 affects the Linux kernel up to 4.17.11 (and Xen up to 4.11.x). The xen_failsafe_callback entry in arch/x86/entry/entry_64.S does not properly preserve RBX, enabling local attackers to trigger uninitialized memory usage, causing a denial of service; 64-bit x86 PV Linux guests may cr...
Input validation
memjs versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage...
CVE-2018-3767
memjs versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage...
CVE-2018-3767
CVE-2018-3767 affects memjs versions
Dovecot User Authentication Denial of Service Vulnerability
Dovecot is prone to a Denial of Service vulnerability within the user authentication.