6686 matches found
openSUSE Security Update : libqt5-qtbase / libqt5-qtdeclarative (openSUSE-2017-731)
This update for libqt5-qtbase and libqt5-qtdeclarative fixes the following issues : This security issue was fixed : - Prevent potential information leak due to race condition in QSaveFile bsc1034005. These non-security issues were fixed : - Fixed crash in QPlainTextEdit - Fixed Burmese rendering...
USN-3342-1: Linux kernel vulnerabilities
USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux...
USN-3343-1 linux vulnerabilities
USN 3335-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux...
[SECURITY] Fedora 25 Update: graphite2-1.3.10-1.fc25
Graphite2 is a project within SIL=EF=BF=BD=EF=BF=BD=EF=BF=BDs Non-Roman Scr ipt Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Graphite can be used to create =EF=BF=BD=EF=BF =BD=EF=BF=BDsmart...
DEBIAN-CVE-2014-8127
LibTIFF 4.0.3 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted TIFF image to the 1 checkInkNamesString function in tifdir.c in the thumbnail tool, 2 compresscontig function in tiff2bw.c in the tiff2bw tool, 3 putcontig8bitCIELab function in...
[SECURITY] Fedora 26 Update: graphite2-1.3.10-1.fc26
Graphite2 is a project within SIL=EF=BF=BD=EF=BF=BD=EF=BF=BDs Non-Roman Scr ipt Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Graphite can be used to create =EF=BF=BD=EF=BF =BD=EF=BF=BDsmart...
[SECURITY] Fedora 26 Update: webkitgtk4-2.16.4-1.fc26
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
Vaadin Framework 7.7.6 - 7.7.9 Javascript Injection Vulnerability
Vaadin Framework is prone to a Javascript injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vaadin:vaadin"...
[SECURITY] [DSA 3894-1] graphite2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3894-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 22, 2017 https://www.debian.org/security/faq -...
SUSE-SU-2017:1577-1 Security update for libqt5-qtbase, libqt5-qtdeclarative
This update for libqt5-qtbase and libqt5-qtdeclarative fixes the following issues: This security issue was fixed: - Prevent potential information leak due to race condition in QSaveFile bsc1034005. These non-security issues were fixed: - Fixed crash in QPlainTextEdit - Fixed Burmese rendering iss...
Fedora 24 : webkitgtk4 (2017-d39099ea6a)
This update addresses the following vulnerabilities : - CVE-2017-2496, CVE-2017-2539, CVE-2017-2510 Additional fixes : - Fix URL shown in the title of beforeunload dialogs. - Focus first input field of HTTP authentication dialog. - Fix rendering glitches in HiDPI in long GitHub Gist pages when...
[SECURITY] Fedora 24 Update: poppler-0.41.0-4.fc24
Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC...
CVE-2017-8524
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when the...
Microsoft Windows Multiple Vulnerabilities (KB4022714)
This host is missing a critical security update according to Microsoft KB4022714 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...
[SECURITY] Fedora 26 Update: poppler-0.52.0-2.fc26
poppler is a PDF rendering library...
[SECURITY] Fedora 26 Update: webkitgtk4-2.16.3-1.fc26
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
Cross-site Scripting (XSS)
Moodle is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary JavaScript by uploading a zip file through the assignment submission function. This results in text and HTML being rendered during a download all action...
[SECURITY] Fedora 25 Update: poppler-0.45.0-3.fc25
Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC...
Fedora 25 : webkitgtk4 (2017-98bc28ae9e)
This update addresses the following vulnerabilities : - CVE-2017-2496, CVE-2017-2539, CVE-2017-2510 Additional fixes : - Fix URL shown in the title of beforeunload dialogs. - Focus first input field of HTTP authentication dialog. - Fix rendering glitches in HiDPI in long GitHub Gist pages when...