IBM Power 5 Service Processor privilege escalation vulnerability

Overview IBM Power 5 Service Processor contain a vulnerability which could allow an attacker to operate with elevated privileges. Description IBM's security advisory states, "A security issue has been identified on IBM Power 5 Systems such that the firewall code does not get executed in certain...

CVE-2012-2934

CVE-2012-2934 affects Xen 4.0/4.1 when a 64‑bit PV guest runs on older AMD CPUs; Xen fails to detect AMD Erratum #121, allowing a local unprivileged guest to cause a host hang (crash) via non‑canonical address handling. Debians/Red Hat advisories note mitigations: upgrade Xen to fixed releases (e...

DEBIAN-CVE-2012-6031

The dotmemget function in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service CPU hang and host crash via unspecified vectors related to a spinlock being held in the "badcopy error path." NOTE: this issue was originally published as part o...

Code injection

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote authenticated users to affect integrity via unknown vectors related to Panel Processor...

CVE-2012-3176

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote authenticated users to affect integrity via unknown vectors related to Panel Processor...

CVE-2012-3176

CVE-2012-3176 affects Oracle PeopleSoft: PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52. The vulnerability is described as an unspecified issue in Panel Processor that could allow remote authenticated users to impact integrity with unknown vectors. The NVD data lis...

Fedora Update for qemu FEDORA-2012-15740

Check for the Version of qemu OpenVAS Vulnerability Test Fedora Update for qemu FEDORA-2012-15740 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

[SECURITY] Fedora 17 Update: qemu-1.0.1-2.fc17

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

tomcat: large number of parameters DoS

Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service CPU consumption via a request that contains many parameters and parameter values, a different vulnerability...

[SECURITY] Fedora 18 Update: qemu-1.2.0-3.fc18

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

[SECURITY] [DSA 2545-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2545-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 08, 2012 http://www.debian.org/security/faq -...

UBUNTU-CVE-2012-3548

The dissectdrda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a small value for a certain length field in a capture file...

Fedora Update for qemu FEDORA-2012-11302

Check for the Version of qemu OpenVAS Vulnerability Test Fedora Update for qemu FEDORA-2012-11302 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Cisco IOS MallocLite BGP Update DoS

The remote Cisco IOS device is affected by a denial of service vulnerability due to a flaw in the MallocLite implementation. A remote attacker, via a BGP update message with a specially crafted local-preference attribute length, can cause the route processor to crash, resulting in a denial of...

[SECURITY] Fedora 17 Update: qemu-1.0.1-1.fc17

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

[SECURITY] Fedora 16 Update: qemu-0.15.1-7.fc16

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

CVE-2012-1367

The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service Route Processor crash via a BGP UPDATE message with a modified local-preference aka LOCALPREF attribute length, aka Bug ID CSCtq06538...

Scientific Linux Security Update : sysstat on SL5.x i386/x86_64

The sysstat package contains a set of utilities which enable system monitoring of disks, network, and other I/O activity. It was found that the sysstat initscript created a temporary file in an insecure way. A local attacker could use this flaw to create arbitrary files via a symbolic link attack...

jruby: hash table collisions DoS (oCERT-2011-003)

JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table...

CentOS Update for kernel CESA-2011:1065 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...