31 matches found
Siemens RUGGEDCOM CROSSBOW Station Access Controller
SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station...
Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.4 security update
An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
FreeBSD : qemu -- stack buffer overflow while parsing SCSI commands (a267cd6c-b0c4-11e5-8d13-bc5ff45d0f28)
Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the SCSI device emulation support is vulnerable to a stack-based buffer overflow issue. It could occur while parsing SCSI command descriptor block with an invalid operation code. A privilegedCAPSYSRAWIO user inside...
FreeBSD : qemu -- denial of service vulnerability in MegaRAID SAS HBA emulation (b3f9f8ef-b1bb-11e5-9728-002590263bf5)
Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the SCSI MegaRAID SAS HBA emulation support is vulnerable to a stack-based buffer overflow issue. It occurs while processing the SCSI controller's CTRLGETINFO command. A privileged guest user could use this flaw to...
FreeBSD : qemu -- denial of service vulnerability in VNC (67feba97-b1b5-11e5-9728-002590263bf5)
Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the VNC display driver support is vulnerable to an arithmetic exception flaw. It occurs on the VNC server side while processing the 'SetPixelFormat' messages from a client. A privileged remote client could use this...
qemu -- denial of service vulnerability in Human Monitor Interface support
Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the Human Monitor InterfaceHMP support is vulnerable to an OOB write issue. It occurs while processing 'sendkey' command in hmpsendkey routine, if the command argument is longer than the 'keynamebuf' buffer size. A...
[SECURITY] [DLA 323-1] fuseiso security update
Package : fuseiso Version : 20070708-2+deb6u1 Debian Bug : 779047 The following two issues have recently been fixed in Debian LTS squeeze for the fuseiso package. Issue 1 An integer overflow, leading to a heap-based buffer overflow flaw was found in the way FuseISO, a FUSE module to mount ISO...
Mandriva Linux Security Advisory : yaml (MDVSA-2015:060)
Updated yaml packages fix security vulnerabilities : Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially crafted tag that, when...
qemu -- denial of service vulnerability in VNC
Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the VNC display driver is vulnerable to an infinite loop issue. It could occur while processing a CLIENTCUTTEXT message with specially crafted payload message. A privileged guest user could use this flaw to crash th...
Low: Red Hat Security Advisory: openstack-heat-templates security update
An updated openstack-heat-templates package that fixes three security issues is now available Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Important: Red Hat Security Advisory: libyaml security update
Updated libyaml packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
Important: Red Hat Security Advisory: libyaml security update
Updated libyaml packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 4. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
Fedora 20 : jansson-2.6-1.fc20 (2014-3778)
Florian Weimer of the Red Hat Product Security Team found that the hashing implementation in Jansson, a library for encoding, decoding and manipulating JSON data, was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause an application using Jansson to use an...
CentOS Update for udisks CESA-2014:0293 centos6
Check for the Version of udisks OpenVAS Vulnerability Test CentOS Update for udisks CESA-2014:0293 centos6 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
DSA-2875-1 cups-filters - security update
Bulletin has no description...
[SECURITY] [DSA 2850-1] libyaml security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2850-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 31, 2014 http://www.debian.org/security/faq -...
DSA-2850-1 libyaml - heap-based buffer overflow
Bulletin has no description...
socat -- buffer overflow with data from command line
Florian Weimer of the Red Hat Product Security Team reports: Due to a missing check during assembly of the HTTP request line a long target server name in the PROXY-CONNECT address can cause a stack buffer overrun. Exploitation requires that the attacker is able to provide the target server name t...
RHEL 5 : JBoss EAP (RHSA-2013:1784)
An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. Common...
Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update
An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. Common...