1624 matches found
etnews.com XSS vulnerability
Vulnerable URL: http://www.etnews.com/tools/refreshscript.html?src='"--!...
Citrix Receiver refreshes and comes to foreground of the screen
Once Receiver is configured with URL it refreshes automatically. Change in refresh rate of the Receiver interrupts users when working on other apps...
Update Rollup 11 for System Center 2012 Virtual Machine Manager Service Pack 1
Update Rollup 11 for System Center 2012 Virtual Machine Manager Service Pack 1 Introduction This article describes the issues that are fixed in Update Rollup 11 for Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 SP1. There is one update available for System Center 2012 SP1...
Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Virtual Machine Manager. Two updates are available for System Center 2012 R2 Virtual Machine Manager. One update i...
DEBIAN-CVE-2016-5277
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption by leveraging improper interaction between...
Row Hammer Privilege Escalation - Lenovo Support US
No description provided...
MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016
MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
The vulnerability of the Firefox ESR browser allows a malicious attacker to execute arbitrary code or trigger a service denial.
Mozilla Firefox ESR’s software contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by manipulating server permissions...
The vulnerability of the Thunderbird email client, which allows a remote attacker to execute arbitrary code or trigger a service denial-of-service attack.
Mozilla Thunderbird’s software contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. If exploited, an attacker can execute arbitrary code or cause service interruptions by manipulating server permissions...
openSUSE Security Update : clamav-database (openSUSE-2016-726)
This update for clamav-database refreshes the database. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-726...
openSUSE Security Update : clamav-database (openSUSE-2016-451)
This update provides a database refresh for the clamav-database. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Scientific Linux Security Update : sssd on SL7.x x86_64 (20151119)
It was found that SSSD's Privilege Attribute Certificate PAC responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...
RedHat Update for sssd RHSA-2015:2355-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2015-5225
Buffer overflow in the vncrefreshserversurface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service heap memory corruption and process crash or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the serve...
Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface
A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vncrefreshserversurface routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process...
CVE-2015-5225
Buffer overflow in the vncrefreshserversurface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service heap memory corruption and process crash or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the serve...
Mac OS X Multiple EFI Vulnerabilities (EFI Security Update 2015-001)
The remote Mac OS X host is running EFI firmware that is affected by multiple vulnerabilities : - An insufficient locking issue exists, when resuming from sleep states, which allows a local attacker to write to the EFI flash memory by using an crafted application with root privileges. CVE-2015-36...
Design/Logic Flaw
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message...
Memory corruption
Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service memory corruption, by...
CVE-2015-3710
CVE-2015-3710 affects Apple Mail on iOS <= 8.3/8.4? and OS X