Double free

The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...

CVE-2017-9985

The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...

CVE-2017-9986

The intr function in sound/oss/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "doub...

CVE-2017-9985

The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...

CVE-2017-1117

IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a denial of service to the MQXR channel when trace is enabled. IBM X-Force ID: 121155...

IBM WebSphere MQ Data Transformation Denial of Service Vulnerability

IBM WebSphere MQ is a messaging middleware product from IBM, USA. IBM WebSphere MQ fails to properly handle data transformations, allowing remote attackers to exploit the vulnerability by submitting a special request that could crash the application...

IBM WebSphere MQ Man-in-the-Middle Hijacking Vulnerability

IBM WebSphere MQ is a messaging middleware product from IBM, USA. IBM WebSphere MQ sends cryptographic data in clear text over the network, allowing remote attackers to exploit the vulnerability to sniff the network for sensitive information...

CVE-2016-8986

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference : 1998648...

UBUNTU-CVE-2016-7938

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1printframe...

PT-2016-7860 · Pivotal +4 · Rabbitmq +3

Name of the Vulnerable Software and Affected Versions: Pivotal RabbitMQ versions 3.x through 3.5.7 Pivotal RabbitMQ versions 3.6.x through 3.6.5 RabbitMQ for PCF versions 1.5.x through 1.5.19 RabbitMQ for PCF versions 1.6.x through 1.6.11 RabbitMQ for PCF versions 1.7.x through 1.7.6 Description:...

libcsp library buffer overflow vulnerability (CNVD-2016-10598)

The libcsp library is a small network layer transport protocol library designed for Cubesats small protocol stacks written in C. A buffer overflow vulnerability exists in the zmq interface in the cspifzmqhub.c file in libcsp library v1.4 and earlier versions, which can be exploited by an attacker...

IBM WebSphere MQ Denial of Service Vulnerability (CNVD-2016-08271)

IBM WebSphere MQ is a messaging middleware product from IBM, USA. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A denial of service vulnerability exists in IBM WebSphere MQ, which can be exploited by remote attackers to cause a...

Vulnerability is a combination punch--attack of distributed nodes-the vulnerability of early warning-the black bar safety net

Distributed systems mostly rely on the message queue middleware to solve the asynchronous processing, the application of coupled problems such as Message Queuing middleware of choice in turn depends on the overall system design and implementation, message packaging, transmission, processing throu...

CVE-2016-5879

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted 1 Disaster Recovery or 2 High Availability command...

IBM MQ Appliance Local Command Execution Vulnerability

The IBM MQ Appliance is a solution that supports IBM MQ deployment for new use cases and simplifies existing deployment options. A local command execution vulnerability exists in IBM MQ Appliance. A local attacker is allowed to exploit the vulnerability to execute arbitrary commands and obtain...

IBM WebSphere MQ Arbitrary Command Execution Vulnerability

IBM WebSphere MQ is a messaging middleware product. An arbitrary command execution vulnerability exists in IBM WebSphere MQ, which can be exploited by a local attacker to execute arbitrary commands with elevated privileges...

CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...

DEBIAN-CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...

UBUNTU-CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...

CVE-2016-2057

lib/xymondipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions 666 for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue...