Linux kernel denial of service vulnerability (CNVD-2016-02592)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the imspcuparsecdcdata function in the drivers/input/misc/ims-pcu.c file in Linux kernel version 3.10, which can be exploited by a...

The vulnerability of the PHP interpreter allows attackers to obtain confidential information or cause service failures.

The vulnerability of the pharparsezipfile function in zip.c of the PHP PHAR interpreter is caused by buffer overflow. Exploiting this vulnerability can allow an attacker to obtain confidential information or cause a service failure such as out-of-memory reading or application termination by placi...

HackerOne: Previous attachments can be referenced when creating a new report

Hello When user upload file in comment to report, user can find file ID by two ways: 1. In preview mode - In response to POST method https://hackerone.com/attachments , answer will be something like this: -"id":84577,"name":"mytestfile.png","size":32397 where fileID = 84577 for example 2. If user...

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code or cause a service failure

The vulnerability of the Android operating system’s mediaserver component is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption by using a specially crafted media file associated with...

PHP PHAR extension 'phar_parse_zipfile' function buffer overflow vulnerability

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.PHAR is one of the archived extensions. A security vulnerability exists in the 'pharparsezipfile' function in the zip.c file of PHP's PHAR extension, which allows a remote...

UBUNTU-CVE-2016-3142

The pharparsezipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read and application crash by placing a PK\x05\x06 signature at an inval...

CVE-2016-0816

mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, related to decoder/ih264dparseislice.c and decoder/ih264dparsepslice.c, aka internal bug 25928803...

Fedora 21 : perl-IPTables-Parse-1.5-2.fc21 (2015-240dd21cb6)

Update to IPTables-Parse-1.5 - Fix use of predictable temporary file names Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 22 : perl-IPTables-Parse-1.5-2.fc22 (2015-30f080e459)

Update to IPTables-Parse-1.5 - Fix use of predictable temporary file names Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 23 : perl-IPTables-Parse-1.5-2.fc23 (2015-0c153d3319)

Update to IPTables-Parse-1.5 - Fix use of predictable temporary file names Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

New Relic: Html injection in monitor name textbox

payload in monitor name textbox : image tag is executed in Monitot failed email fix : Need to done secure parse encode in monitor name textbox to prevent html injection in email...

Mozilla Firefox Denial of Service Vulnerability (CNVD-2015-08327)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A security vulnerability exists in the 'RTPReceiverVideo::ParseRtpPacket' function in Mozilla...

IPTables-Parse 'IPTables/Parse.pm' Insecure Temporary File Creation Vulnerability

IPTables-Parse is a Perl extension for parsing iptables and ip6tables firewall rules. An insecure temporary file creation vulnerability exists in IPTables-Parse versions prior to 1.6. A local attacker can exploit this vulnerability to perform a symbolic link attack to overwrite arbitrary files in...

Amazon Linux: Security Advisory (ALAS-2015-627)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : perl-IPTables-Parse (ALAS-2015-627)

A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to. C Tenable Network Security, Inc. The descriptive te...

Low: perl-IPTables-Parse

Issue Overview: A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to. Affected Packages:...

Fedora Update for perl-IPTables-Parse FEDORA-2015-240

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 21 Update: perl-IPTables-Parse-1.5-2.fc21

The IPTables::Parse package provides an interface to parse iptables rules on Linux systems through the direct execution of iptables commands, or from parsing a file that contains an iptables policy listing. You can get the current policy applied to a table/chain, look for a specific user-defined...

Fedora Update for perl-IPTables-Parse FEDORA-2015-30

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 22 Update: perl-IPTables-Parse-1.5-2.fc22

The IPTables::Parse package provides an interface to parse iptables rules on Linux systems through the direct execution of iptables commands, or from parsing a file that contains an iptables policy listing. You can get the current policy applied to a table/chain, look for a specific user-defined...