OpenJDK: XML parsing Denial of Service (JAXP, 8017298)

A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an...

[SECURITY] Fedora 20 Update: qemu-1.6.0-10.fc20

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Fedora Update for qemu FEDORA-2013-18493

Check for the Version of qemu OpenVAS Vulnerability Test Fedora Update for qemu FEDORA-2013-18493 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

[SECURITY] Fedora 19 Update: qemu-1.4.2-12.fc19

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

[SECURITY] Fedora 19 Update: qemu-1.4.2-12.fc19

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

DEBIAN-CVE-2013-4154

The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service NULL pointer dereference and crash via vectors related to "agent based cpu unplug," as demonstrated by the "virsh vcpucount foobar --guest" command...

iOS 7 lock screen vulnerability that can bypass the password to view the photos and other information containing operation step-the vulnerability warning-the black bar safety net

Apple's new iPhone 5S a major selling point is its safety features,including its new addition to the fingerprint processor and the next generation of iOS 7 built-in anti-theft feature. However, a since on behalf of iOS 6 will be any bug so far is still there,you can make everyone bypass the lock...

Microsoft Windows multiple security vulnerabilities

Unicode Scripts Processor memory corruption, RPC privilege escalation, kernel protection bypass and memory corruptions, IPv6 and NAT DoS...

CVE-2013-2076

CVE-2013-2076 affects Xen on AMD64: when running Xen 4.0.x/4.1.x/4.2.x on AMD64, FXSAVE/FXRSTOR saves only some x87/FPU state during a pending exception, enabling a domain to glean parts of another domain’s floating-point state and potentially sensitive data (e.g., cryptographic keys). Related fo...

CVE-2013-2076

Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged t...

Phone Hack Could Block Messages, Calls on GSM Networks

By tweaking the firmware on certain kinds of phones, a hacker could make it so other phones in the area are unable to receive incoming calls or SMS messages, according to research presented at the USENIX Security Symposium earlier this month. The hack involves modifying the baseband processor on...

CVE-2013-3181

CVE-2013-3181 affects the Unicode Script Processor (USP10.DLL) used by Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability enables remote code execution via crafted OpenType fonts, described as the Uniscribe Font Parsing Engine Memory Corruption. Microsoft issued MS13-060 with patch...

MS13-060: Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869)

The version of Microsoft Windows installed on the remote host includes a vulnerable version of the Unicode Script Processor, also known as Uniscribe. Some font types are not parsed correctly, which can result in memory corruption. An attacker could exploit this by tricking a user into viewing a...

Microsoft Unicode Scripts Processor Remote Code Execution Vulnerability (2850869)

This host is missing an critical security update according to Microsoft Bulletin MS13-060. OpenVAS Vulnerability Test $Id: secpodms13-060.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Unicode Scripts Processor Remote Code Execution Vulnerability 2850869 Authors: Antu Sanadi Copyright: Copyright ...

Memory corruption

Cisco IOS XR allows local users to cause a denial of service Silicon Packet Processor memory corruption, improper mutex handling, and device reload by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence, aka Bug ID CSCui60347...

Cisco IOS XR Internet Control Message Protocol Denial of Service Vulnerability

Cisco IOS XR Software is affected by a denial of service DoS vulnerability that could allow an authenticated, local attacker to trigger a reload of the affected device by locally generating certain Internet Control Message Protocol ICMP messages. The vulnerability is due to a combination of Silic...

Squash YAML Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'zlib' class Metasploit3 'Squash YAML Code...

[SECURITY] Fedora 18 Update: libreoffice-3.6.7.2-3.fc18

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...

[SECURITY] Fedora 19 Update: libreoffice-4.1.0.3-2.fc19

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...

Galil-RIO Modbus Denial Of Service

Exploit Title: Galil RIO-47100 Date: 05-01-2013 Exploit Author: Sapling Vendor Homepage: www.galilmc.com Version: Rio Firmware Prior to 1.1d CVE : CVE-2013-0699 ICSA: ICSA-13-116-01 / There are many different ways to crash this PLC but most of them are centralized around the repeating a request i...