Lucene search

523 matches found

RedhatCVE
added 2016/05/26 1:18 p.m. | 17 views

CVE-2016-5034

dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file, related to relocation records...

6.5 CVSS | 5.2 AI score | 0.02958 EPSS
Exploits 1 | References 2
Tenable Nessus
added 2016/03/28 12:0 a.m. | 47 views

Fedora 22 : tomcat-7.0.68-3.fc22 (2016-e6651efbaf)

Revert sysconfig migration changes, resolves: rhbz1311771, rhbz1311905 - Add /etc/tomcat/conf.d/ with shell expansion support, resolves rhbz1293636 ---- - Load sysconfig from tomcat.conf, resolves: rhbz1311771, rhbz1311905 - Set default javax.sql.DataSource factory to apache commons one, resolves...

6.5 CVSS | 7.1 AI score | 0.11297 EPSS
Exploits 0 | References 3
RedHat Linux
added 2015/11/19 2:41 a.m. | 32 views

Moderate: Red Hat Security Advisory: binutils security, bug fix, and enhancement update

Updated binutils packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which...

7.5 CVSS | 7.1 AI score | 0.07486 EPSS
Exploits 7 | References 14
Hacker One
added 2015/10/01 2:12 a.m. | 31 views

Imgur: Reflected Flash XSS using swfupload.swf with an epileptic reloading to bypass the button-event

Hi, This was a fun one. So I noticed you're using swfupload.swf which is hosted on the main domain, imgur.com. This swfupload.swf has some settings you can use to modify the button on the upload. You can actually insert HTML into the Flash, but the button event that you select yourself using anoth...

1.2 AI score
Exploits 0
Tenable Nessus
added 2015/09/08 12:0 a.m. | 32 views

openSUSE Security Update : gdk-pixbuf (openSUSE-2015-570)

gdk-pixbuf was updated to version 2.31.6 to fix a security vulnerability and several bugs. - Update to version 2.31.6 boo942801 : + Really fix bgo752297. This is CVE-2015-4491. + Updated translations. - Update to version 2.31.5 : + Add support for gautoptr for all object types bgo750497. + Avoid ...

6.8 CVSS | 7.3 AI score | 0.084 EPSS
Exploits 0 | References 2
RedHat Linux
added 2015/04/14 1:0 p.m. | 3 views

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parse_rock_ridge_inode_internal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...

4 CVSS | 6.7 AI score | 0.00505 EPSS
Exploits 1 | References 4
OSV
added 2015/02/23 3:59 p.m. | 6 views

SUSE-SU-2015:0478-1 Security update for postgresql93

postgresql93 was updated to version 9.3.6 to fix four security issues. These security issues were fixed: - CVE-2015-0241: Fix buffer overruns in to_char() (bnc#916953). - CVE-2015-0243: Fix buffer overruns in contrib/pgcrypto (bnc#916953). - CVE-2015-0244: Fix possible loss of frontend/backend protocol...

9.8 CVSS | 9.3 AI score | 0.05533 EPSS
Exploits 0 | References 7
NVD
added 2014/03/14 10:55 a.m. | 25 views

CVE-2014-1273

dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library...

5.8 CVSS | 5.7 AI score | 0.0112 EPSS
Exploits 0 | References 2
Prion
added 2014/03/14 10:55 a.m. | 21 views

Design/Logic Flaw

dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library...

5.8 CVSS | 6.1 AI score | 0.0112 EPSS
Exploits 0 | References 2 | Affected Software 2
CVE
added 2014/03/14 10:0 a.m. | 51 views

CVE-2014-1273

CVE-2014-1273 affects Apple iOS before 7.1 and Apple TV before 6.1. The issue in dyld arises from loading text relocation instructions in dynamic libraries, allowing bypass of code-signing requirements. Apple’s 7.1/6.1 updates address this by ignoring text relocation instructions during dynamic l...

5.8 CVSS | 5.7 AI score | 0.0112 EPSS
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2014/03/14 10:0 a.m. | 28 views

CVE-2014-1273

dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library...

5.7 AI score | 0.0112 EPSS
Exploits 0 | References 2
OpenVAS
added 2013/05/31 12:0 a.m. | 41 views

CentOS Update for tomcat6 CESA-2013:0869 centos6

Check for the Version of tomcat6 OpenVAS Vulnerability Test CentOS Update for tomcat6 CESA-2013:0869 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

6.9 CVSS | 7.8 AI score | 0.11639 EPSS
Exploits 3 | References 2
RedHat Linux
added 2013/04/23 6:18 p.m. | 1 views

Kernel: drm/i915: heap writing overflow

Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service heap-based buffer...

7.2 CVSS | 7 AI score | 0.00556 EPSS
Exploits 0 | References 4
Packet Storm
added 2012/03/22 12:0 a.m. | 49 views

MS10-002 Internet Explorer Object Memory Use-After-Free

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS10-002 Internet...

9.3 CVSS | 0.53085 EPSS
Exploits 6
Tenable Nessus
added 2011/09/19 12:0 a.m. | 31 views

Fedora 14 : zabbix-1.8.7-2.fc14 (2011-12489)

move the zabbix user home directory to the common zabbix package - fix https://support.zabbix.com/browse/ZBX-4099 - update to 1.8.7 - upstream changelog at http://www.zabbix.com/rn1.8.7.php - update to 1.8.7 - upstream changelog at http://www.zabbix.com/rn1.8.7.php - update to 1.8.7 - upstream...

5 CVSS | 5.4 AI score | 0.01465 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2011/04/26 12:0 a.m. | 25 views

Fedora 13 : fail2ban-0.8.4-27.fc13 (2011-5151)

fail2ban used predictable /tmp files which a local user can allocate before fail2ban does. All tmp files have been moved to /var/lib/fail2ban. This also helps with selinux policies. Another security related fix is that fail2ban defaulted to gamin which conflicts with selinux, so users had to...

5.5 AI score
Exploits 0 | References 7
The Hacker News
added 2011/04/17 2:30 p.m. | 8 views

Calling All Hackers - Grand Prize in Sunshine State "Hacktacular" Challenge !

Calling All Hackers - Grand Prize in Sunshine State "Hacktacular" Challenge ! Calling all hackers: Data Analyzers, LLC www.datanalyzers.com in Orlando, Florida, is hosting the Sunshine State "Hacktacular" Challenge with a big prize for the top competitor – a full-time job with benefits and...

6.6 AI score
Exploits 0
Oracle linux
added 2011/01/20 12:0 a.m. | 59 views

python security, bug fix, and enhancement update

2.4.3-43 - add missing patch 206 Related: rhbz549372 2.4.3-42 - fix testpyclbr to match the urllib change in patch 204 patch 206 - allow the 'noproxy' environment variable to override 'ftpproxy' in urllib2 patch 207 - fix typos in names of patches 204 and 205 Related: rhbz549372 2.4.3-41 - backpo...

7.5 CVSS | 0.14643 EPSS
Exploits 4
OpenVAS
added 2010/01/19 12:0 a.m. | 11 views

Mandriva Update for virt-manager MDVA-2010:029 (virt-manager)

Check for the Version of virt-manager OpenVAS Vulnerability Test Mandriva Update for virt-manager MDVA-2010:029 virt-manager Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

7.4 AI score
Exploits 0 | References 2
ALT Linux
added 2009/07/06 12:0 a.m. | 30 views

Security fix for the ALT Linux 5 package ruby version 1.9.1-alt1.20090625

July 6, 2009 Sir Raorn 1.9.1-alt1.20090625 - SVN snapshot 20090625 AKA 1.9.1.203 + CVE-2009-1904: DoS vulnerability in BigDecimal module - All ruby-module-'s merged back to ruby-stdlibs and ruby-stdlibs-tk - Shared library moved back from /lib to /usr/lib - Disabled rubygems by default, use ruby...

5 CVSS | 4.8 AI score | 0.08375 EPSS
Exploits 2