Google Pixel C NVIDIA GPU Driver elevation of privilege vulnerability (CNVD-2016-11127)

The Google Pixel C is a tablet computer from Google, U.S.A. The NVIDIA GPU driver is an NVIDIA graphics processor driver component used in the... An elevation of privilege vulnerability exists in the Google Pixel C NVIDIA GPU Driver. An attacker can exploit the vulnerability to execute arbitrary...

[SECURITY] Fedora 24 Update: qemu-2.6.2-2.fc24

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

[SECURITY] Fedora 25 Update: qemu-2.7.0-4.fc25

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

QDSP6v2 Voice Service driver for the Linux kernel denial-of-service vulnerability

Qualcomm Innovation Center QuIC Android contributions for MSM is a Qualcomm silicon product for the MSM program to support users in building Android-based platforms with other enhancements.QDSP6v2 Voice Service driver for the Linux kernel is an audio driver for the Linux kernel. The QDSP6v2 Voice...

Android Qualcomm QDSP6v2 Driver Information Disclosure Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA.Qualcomm QDSP6v2 driver is one of the Qualcomm digital signal processor drivers. An information disclosure vulnerability exists in the drivers/misc/qcom/qdsp6v2/audioutils.c file in...

WSO2 Carbon Products Detection (HTTP)

HTTP based detection of WSO2 Carbon products. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Google Chrome Protocol Processor Security Bypass Vulnerability

Google Chrome is a popular web browser. A security bypass vulnerability exists in the Google Chrome protocol processor. An attacker could exploit this vulnerability to bypass security restrictions...

Google to Launch 'Andromeda OS' — An Android-Chrome OS Hybrid

Google's long-rumored Android-Chrome hybrid operating system is expected to debut at the company's upcoming hardware event on October 4. The company has been working to merge the two OSes for roughly 3 years with a release planned for 2017, but an "early version" to show things off to the world i...

Cisco IOS XR NCS 6000 Packet Timer Leak DoS (cisco-sa-20160713-ncs6k)

The version of Cisco IOS XR running on the remote NCS 6000 device is affected by a denial of service vulnerability due to improper management of system timer resources. An unauthenticated, remote attacker can exploit this, via numerous management connections to the affected device, to consume...

Red Hat OpenShift Enterprise Denial of Service Vulnerability (CNVD-2016-07357)

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, U.S. OpenShift Enterprise is an open source version of the private cloud. A denial of service vulnerability exists in Minimatch in Red Hat OpenShift Enterprise versions 3.1 and 3.2. An attacker could exploit...

Dynamic Instrumentation Tool Platform: DynamoRIO

Dynamic Instrumentation Tool Platform DynamoRIO is a runtime code manipulation system that supports code transformations on any part of a program, while it executes. DynamoRIO exports an interface for building dynamic tools for a wide variety of uses: program analysis and understanding, profiling...

This Open Source 25-Core Processor Chip Can Be Scaled Up to 200,000-Core Computer

Researchers have designed a new computer chip that promises to boost the performance of computers and data centers while processing applications in parallel. Princeton University researchers have developed a 25-core open source processor, dubbed Piton named after the metal spikes used by rock...

nodejs-minimatch: Regular expression denial-of-service

A regular expression denial of service flaw was found in Minimatch. An attacker able to make an application using Minimatch to perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU...

mysql: unspecified vulnerability in subcomponent: Server: PS (CPU April 2016)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS...

iOS 9.3.4 Patches Critical Code Execution Flaw

Apple last week patched a critical iOS memory corruption vulnerability that could allow attackers to execute code on compromised devices. The flaw was found by Team Pangu, a Chinese hacker group that specializes in building iOS jailbreak tools. The vulnerability is fixed in iOS 9.3.4. “An...

Apple Launches Bug Bounty with Maximum $200,000 Reward

LAS VEGAS—Apple closed out Black Hat today with a long-awaited announcement that next month it will launch a bug bounty. The Apple Security Bounty will be an invitation-only program, open to two dozen researchers at the outset, said Ivan Krstic, head of security engineering and architecture. The...

SMM "Incursion" Attack

Lenovo Security Advisory: LEN-2015-002 Potential Impact: Execute arbitrary code, Bypass Secure Boot, Denial of Service, Escalation of Privilege Severity: Medium Summary: Some BIOS implementations permit unsafe System Management Mode SMM function calls to memory locations outside of System...

CVE-2016-5465

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Panel Processor...

CVE-2016-5465

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Panel Processor...

CVE-2016-5458

Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to APPL...