Scientific Linux Security Update : kernel on SL7.x x86_64 (20160216)

It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. CVE-2015-7872, Important - A flaw was found in the way the Linux kernel...

CentOS 7 : kernel (CESA-2016:0185)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

389-ds-base: worker threads do not detect abnormally closed connections causing DoS

An infinite-loop vulnerability was discovered in the 389 directory server, where the server failed to correctly handle unexpectedly closed client connections. A remote attacker able to connect to the server could use this flaw to make the directory server consume an excessive amount of CPU and st...

Warning — Setting This Date On iPhone Or iPad Will Kill Your Device Permanently

Don’t Try this at Home! An interesting software bug has been discovered in Apple's iOS operating system that could kill your iPhone, iPad or iPod Dead Permanently. Yes, you heard me right. An issue with the date and time system in iOS had emerged recently when Reddit users started warning people...

ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

[SECURITY] Fedora 22 Update: qemu-2.3.1-11.fc22

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Hacking Smartphones Running on MediaTek Processors

A dangerous backdoor has been discovered in the MediaTek processor that could be exploited to hack Android devices remotely. MediaTek is a Taiwan-based hardware company that manufacture hardware chips and processor used in the smartphones and tablets. The backdoor was discovered by security...

Ruby on Rails activesupport远程拒绝服务漏洞

Impact Specially crafted XML documents can cause applications to raise a SystemStackError and potentially cause a denial of service attack. This only impacts applications using REXML or JDOM as their XML processor. Other XML processors that Rails supports are not impacted. All users running an...

ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

expat: hash table collisions CPU usage DoS

A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this...

ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

[SECURITY] Fedora 23 Update: qemu-2.4.1-5.fc23

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

ownCloud Server Denial of Service Vulnerability (CNVD-2016-00188)

OwnCloud is a free and open source personal cloud storage solution from German company OwnCloud, which provides file management, music storage, calendaring, etc. OwnCloud Server is a server version. A security vulnerability exists in ownCloud Server, which stems from the failure of the...

[SECURITY] Fedora 22 Update: qemu-2.3.1-9.fc22

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

IBM Mashups Center Denial of Service Vulnerability

IBM Mashups Center is a suite of platforms for business and IT people to create, publish, modify and share Web applications from IBM in the United States. A denial of service vulnerability exists in IBM Mashups Center. An attacker can exploit this vulnerability to consume CPU resources and cause ...