UBUNTU-CVE-2016-1586

A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3...

USN-3098-1 linux vulnerabilities

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-3099-4)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3099-4 advisory. Vladimr Bene discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote...

IBM WebSphere MQ Denial of Service Vulnerability (Sep 2016)

IBM WebSphere MQ is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

IBM WebSphere MQ Denial of Service Vulnerability (CNVD-2016-08271)

IBM WebSphere MQ is a messaging middleware product from IBM, USA. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A denial of service vulnerability exists in IBM WebSphere MQ, which can be exploited by remote attackers to cause a...

Vulnerability is a combination punch--attack of distributed nodes-the vulnerability of early warning-the black bar safety net

Distributed systems mostly rely on the message queue middleware to solve the asynchronous processing, the application of coupled problems such as Message Queuing middleware of choice in turn depends on the overall system design and implementation, message packaging, transmission, processing throu...

Authentication flaw

IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service channel outage by leveraging queue-manager rights...

CVE-2016-0379

IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service channel outage by leveraging queue-manager rights...

swarm - A Modular Distributed Penetration Testing Tool

Swarm is an open source modular distributed penetration testing Tool that use distributed task queue to implement communication in the master-slave mode system and use MongoDB for data storage. It consists of a distributed framework and function modules. The function module can be an entirely new...

CVE-2016-5879

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted 1 Disaster Recovery or 2 High Availability command...

IBM MQ Appliance Local Command Execution Vulnerability

The IBM MQ Appliance is a solution that supports IBM MQ deployment for new use cases and simplifies existing deployment options. A local command execution vulnerability exists in IBM MQ Appliance. A local attacker is allowed to exploit the vulnerability to execute arbitrary commands and obtain...

QEMU 'Transmit(tx) Queue' Handling Information Disclosure Vulnerability

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. An information disclosure vulnerability exists in the QEMU 'Transmittx Queue' processing, which allows attackers to exploit the vulnerability to obtain sensitive...

DEBIAN-CVE-2016-0782

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

Cross site scripting

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

CVE-2016-0782

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

CVE-2016-0782

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability (cisco-sa-20160804-wedge)

A vulnerability in the processing of Network Time Protocol NTP packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service DoS condition on the affected device. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions...

activemq: Cross-site scripting vulnerabilities in web console

It was found that Apache Active MQ administration web console did not validate input correctly when creating a queue. An authenticated attacker could exploit this flaw via cross-site scripting and use it to access sensitive information or further attacks...

CVE-2016-0260

Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service heap memory consumption by triggering many errors...

CVE-2016-0260

Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service heap memory consumption by triggering many errors...