2514 matches found
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Release Notes for Veeam Backup & Replication 9.0 Update 2
More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Release Notes for Veeam Backup & Replication 9.0 Update 2 Cause Please confirm you are running version 9.0.0.902 or 9.0.0.1491 prior to installing this updat...
HTTP2. 0 Protocol is aeration 4 high-risk vulnerabilities can cause server to crash-bug warning-the black bar safety net
! If you think that HTTP2. 0 Protocol than the standard HTTP Hypertext Transfer Protocol more secure, then you're wrong. Researchers spent 4 months in HTTP2. 0 Protocol found 4 vulnerabilities that! Last 2 month, Google put their SPDY project bundled into HTTP2. 0, intended to strengthen the page...
Multi Gigabit Packet Capturing: PFQ
PFQ is a functional networking framework designed for the Linux operating system that allows efficient packets capture/transmission 10G and beyond, in-kernel functional processing and packets steering across sockets/end-points. PFQ is highly optimized for multi-core architecture, as well as for...
Glacier smart DNS traffic optimization system nslookup_cgi. cgi arbitrary command execution
No description provided by source...
Glacier smart DNS traffic optimization system interface_update_select. php_eth parameter command execution
No description provided by source...
CVE-2014-9799
The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...
CVE-2014-9799
The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...
Integer overflow
The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...
CVE-2014-9799
CVE-2014-9799 concerns Android on Nexus 5 and 7 (2013) devices before 2016-07-05, where a Qualcomm makefile omits -fno-strict-overflow, potentially enabling local privilege escalation via crafted apps that exploit incorrect compiler optimization of an integer-overflow protection mechanism. The is...
A year of Windows kernel font fuzzing #2: the techniques
Posted by Mateusz Jurczyk of Google Project Zero In part 1 of the series see here, we discussed the motivation and outcomes of our year long fuzzing effort against the Windows kernel font engine, followed by an analysis of two bug collisions with Keen Team and Hacking Team that ensued as a result...
CVE-2016-4472
CVE-2016-4472 affects the Expat XML parser: overflow protections can be removed by compilers with certain optimizations, allowing remote attackers to cause a crash or potentially execute code via crafted XML. The entry notes this stems from an incomplete fix for CVE-2015-1283 and CVE-2015-2716. C...
Riverbed SteelCentral Detection Consolidation
Consolidation of Riverbed SteelCentral detections. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
SOL82747025 - GraphicsMagick vulnerability CVE-2016-5118
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
expat2 -- denial of service
Adam Maris reports: It was found that original patch for issues CVE-2015-1283 and CVE-2015-2716 used overflow checks that could be optimized out by some compilers applying certain optimization settings, which can cause the vulnerability to remain even after applying the patch...
Is it possible to optimize SSH or SFTP connections?
QUESTION: Is it possible to optimize SSH or SFTP connections? ANSWER: SSH and SFTP are encrypted traffic: SSH one-time encrypted data stream and SFTP goes over the SSH port CloudBridge can only optimize with flow-control-only but won't be able to compress it...
CVE-2016-4053
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes ESI responses, related to incorrect use of assert and compiler optimization...
CVE-2016-4053
CVE-2016-4053 in Squid allowed public information disclosure of the server stack layout when processing ESI responses. The issue is documented across multiple advisories (Debian, Red Hat/CentOS, Fedora, Amazon ALAS) with fixes in various branches: Debians fixed squid3 3.1.20-2.2+deb7u5; Jessie/St...
American Fuzzy Lop Utilities: afl-utils
Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization afl-utils is a collection of utilities to assist fuzzing with american-fuzzy-lop afl . afl-utils includes tools for: automated crash sample collection, verification, reduction and analys...
Qemu Information Disclosure Vulnerability (CNVD-2016-02391)
QEMU is a suite of analog processor software. A vulnerability in Qemu's kvmvapic.c when using Task Priority Register TPR optimization allows a local attacker to exploit the vulnerability to obtain host-sensitive information...