Design/Logic Flaw

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. T...

Cisco Wide Area Application Services SMART-SSL Accelerator Denial of Service Vulnerability

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. The vulnerability is due to...

Apple WebKit Safari 10.0.2(12602.3.12.0.1) - operationSpreadGeneric Universal Cross-Site Scripting

Apple WebKit Safari 10.0.212602.3.12.0.1 - operationSpreadGeneric Universal Cross-Site Scripting 'use strict'; function spreada return ...a; let arr = Object.create1, 2, 3, 4; for let i = 0; i f.onload = null; try spreadf.contentWindow; catch e e.constructor.constructor'alertlocation'; ; f.src =...

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

UBUNTU-CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

CVE-2017-7892

CVE-2017-7892 affects Sandstorm Cap'n Proto / capnpproto prior to 0.5.3.1. The vulnerability stems from compiler optimization interacting with Cap'n Proto’s pointer arithmetic, allowing overflow in 32-bit builds and leading to remote crashes (segmentation fault) when processing crafted far pointe...

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

CVE-2017-6417

CVE-2017-6417 is a local code-injection vulnerability in Avira products (Total Security Suite 15.0 and earlier, Optimization Suite 15.0 and earlier, Internet Security Suite 15.0 and earlier, Free Security Suite 15.0 and earlier) enabling a local attacker to bypass the vendors’ self-protection and...

Microsoft Edge Charkra Incorrect Jit Optimization Exploit

Exploit for windows platform in category dos / poc Microsoft Edge: Chakra incorrect jit optimization with TypedArray setter. CVE-2017-0071 PoC: "use strict"; function funca, b, c a0 = 1.2; b0 = c; a0 = ; ----------------------- 2 return 0; ; a0.toString; main; In the above code, Chakra assumes th...

Microsoft Edge Charkra Incorrect Jit Optimization

Microsoft Edge: Chakra incorrect jit optimization with TypedArray setter. CVE-2017-0071 PoC: "use strict"; function funca, b, c a0 = 1.2; b0 = c; a0 = ; ----------------------- 2 return 0; ; a0.toString; main; In the above code, Chakra assumes that the type of |a| will be still a native float arr...

Virtual Desktop Optimization

...

[SECURITY] Fedora 25 Update: drupal7-metatag-1.21-1.fc25

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...

[SECURITY] Fedora 24 Update: drupal7-metatag-1.21-1.fc24

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...

Fedora 24 : webkitgtk4 (2017-b1abcbe695)

This update addresses the following vulnerabilities : - CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2371, CVE-2017-2373 Additional fixes : - Make accelerating compositing mode...

FAQ: What are the Difference Between WANOP, Standard and Enterprise Edition Licenses of NetScaler SD-WAN ?

Q: What is the difference between WANOP, Standard and Enterprise Edition license of NetScaler SD-WAN? A : With WANOPEdition License you can only have WAN Optimization feature which is applicable on NetScaler SD-WAN Version 7.x and below, 9.0.1, 9.1.0 +. With Standard Edition License you can only...

UBUNTU-CVE-2016-3995

The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ aka cryptopp before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks...

The vulnerability of Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the V8 component in Google Chrome browser is related to improper optimization. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page from a remote location...

17 Essential Skills for Performance Engineers

Most people in the performance engineering field agree that our skillset is derived from an intersection of disciplines that include testing, optimization, and systems engineering...

DEBIAN-CVE-2016-1922

QEMU aka Quick Emulator built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'currentcpu' remains null, which leads to the null pointer dereference. A user or...