67 matches found
Xen Handling Logic Error Vulnerability
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A processing logic error vulnerability...
ntp: DoS on client ntpd using server mode packet
A flaw was found in the Network Time Protocol NTP, where a security issue exists that allows an off-path attacker to prevent the Network Time Protocol daemon ntpd from synchronizing with NTP servers not using authentication. A server mode packet with a spoofed source address sent to the client nt...
Debian DLA-2201-1 : ntp security update
A Denial of Service DoS vulnerability was discovered in the network time protocol server/client, ntp. ntp allowed an 'off-path' attacker to block unauthenticated synchronisation via a server mode packet with a spoofed source IP address because transmissions were rescheduled even if a packet lacke...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
SUSE SLES12 Security Update : smt, yast2-smt (SUSE-SU-2018:2898-2)
This update for yast2-smt to 3.0.14 and smt to 3.0.37 fixes the following issues : These security issues were fixed in SMT : CVE-2018-12471: Xml External Entity processing in the RegistrationSharing modules allowed to read arbitrary file read bsc1103809. CVE-2018-12470: SQL injection in...
SUSE-SU-2018:2902-1 Security update for yast2-smt
This update fixes the following issues in yast2-smt: - Explicitly mention 'Organization Credentials' fate321759 - Rearrange the SMT set-up dialog bsc977043 - Added missing translation marks bsc1037811 - Remove cron job rescheduling bsc1097560 This update is a requirement for the security update f...
Adobe Flash Player security update September 2014
Adobe today released an updated Flash Player that patched a dozen vulnerabilities, and also announced that a scheduled security update for Reader and Acrobat has been postponed to the week of Sept. 15. Today’s release, which coincides with Microsoft’s monthly scheduled security updates, patches...