[SECURITY] Fedora 22 Update: qemu-2.3.1-9.fc22

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

[SECURITY] Fedora 23 Update: qemu-2.4.1-3.fc23

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

windows-processes.thefile.net XSS vulnerability

Vulnerable URL: http://windows-processes.thefile.net/regdet.php?id=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 10:37 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

GEOVAP Reliance 4 Control Server Unquoted Service Path Elevation Of Privilege

Summary Reliance is a professional SCADA/HMI system designed for the visualization and control of industrial processes and for building automation. Description The application suffers from an unquoted search path issue impacting the service 'RelianceOpcDaWrapper' for Windows deployed as part of...

krb5: unauthenticated denial of service in recvauth_common() and others

It was found that the krb5readmessage function of MIT Kerberos did not correctly sanitize input, and could create invalid krb5data objects. A remote, unauthenticated attacker could use this flaw to crash a Kerberos child process via a specially crafted request...

[SECURITY] Fedora 23 Update: tubo-5.0.15-3.fc23

The Libtubo library is small and simple function set to enable a process to run any other process in the background and communicate via the std-out, std-err and std-in file descriptors. This library is used by Rodent file-manager but is also available here for other programs to use freely...

Reflected Cross-Site Scripting (XSS) in iTop

Advisory ID: HTB23268 Product: iTop Vendor: Combodo SARL Vulnerable Versions: 2.1.0-2127 and probably prior Tested Version: 2.1.0-2127 Advisory Publication: July 29, 2015 without technical details Vendor Notification: July 29, 2015 Vendor Patch: July 30, 2015 Public Disclosure: September 23, 2015...

The vulnerability of the Android operating system allows a hacker to bypass existing access restrictions and obtain information about ongoing processes.

The vulnerability of the getRunningAppProcesses function in the Android operating system is related to lack of access control. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and obtain information about running processes through a specially crafted...

[SECURITY] Fedora 23 Update: qemu-2.4.0.1-1.fc23

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

The vulnerability of the iOS operating system allows a hacker to bypass existing security mechanisms and scan ports of random processes.

The vulnerability of the processorsettasks component in the iOS operating system is related to access control deficiencies. Exploiting this vulnerability could allow an attacker acting locally to bypass existing security mechanisms and scan ports of random processes...

[SECURITY] Fedora 23 Update: qemu-2.4.0-4.fc23

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

[SECURITY] Fedora 22 Update: qemu-2.3.1-3.fc22

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Design/Logic Flaw

The processorsettasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges...

CVE-2015-5882

The processorsettasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges...

powerdns: denial of service

A bug was found in the PowerDNS Authoritative Server DNS packet parsing/generation code, which, when exploited, can cause individual threads disabling service or whole processes allowing a supervisor to restart them to crash with just one or a few query packets...

Ganglia Web Frontend 3.5.1 - PHP Code Execution

Ganglia Web Frontend 3.5.1 - PHP Code Execution...

Apple OS X Zero Day Remains Unpatched

A recently disclosed kernel-level zero-day vulnerability in Mac OS X Yosemite and Mavericks remains unpatched, though reports say Apple is developing and testing a patch. Luca Todesco, an 18-year-old security researcher from Italy, on Sunday dropped details and proof-of-concept code about the...

[SECURITY] Fedora 22 Update: qemu-2.3.1-1.fc22

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Honeywell Midas Gas Detector Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 5, 2015, and is being released to the ICS-CERT web site. Independent researcher Maxim Rupp has identified two vulnerabilities in Honeywell’s Midas gas detector. Honeywell has produced firmware versions t...

Rig Exploit Kit 3.0 Claims 1 Million Malvertising Victims

LAS VEGAS – A rampant malvertising campaign fueled by a new version of the Rig Exploit Kit has claimed at least 950,000 victims worldwide and is doing so with an unprecedented success rate. Researchers at Trustwave said in advance of this week’s Black Hat conference that they have been watching...