16 matches found
EUVD-2014-3104
Malware in sbrugna...
About the security content of macOS Ventura 13.7.1
About the security content of macOS Ventura 13.7.1 This document describes the security content of macOS Ventura 13.7.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearCase (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579)
Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which is used by IBM Rational ClearCase. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability...
Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System
Summary There are security vulnerabilities in versions of Linux Kernel that are shipped with versions of IBM Elastic Storage System. A fix for these vulnerabilities is available. Vulnerability Details CVEID: CVE-2020-14385 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by ...
RHEL 7 : Satellite 6.8 (Important) (RHSA-2020:4366)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4366 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring...
CVE-2020-19878
DBHcms v1.2.0 has a sensitive information leaks vulnerability as there is no security access control in /dbhcms/ext/news/ext.news.be.php, A remote unauthenticated attacker can exploit this vulnerability to get path information...
CVE-2020-19878
CVE-2020-19878 affects DBHcms v1.2.0. The vulnerability is an information-disclosure due to missing security access control in the path /dbhcms/ext/news/ext.news.be.php, allowing a remote unauthenticated attacker to obtain path information. Connected sources corroborate the description across NVD...
KLA11550 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in...
Security Bulletin: : Vulnerabilities in OpenSSL affect IBM Security Guardium (CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Security Guardium. IBM Security Guardium has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable to a denial of service, cause...
SUSE-SU-2018:0455-1 Security update for quagga
This update for quagga fixes the following security issues: - The Quagga BGP daemon contained a bug in the ASPATH size calculation that could have been exploited to facilitate a remote denial-of-service attack via specially crafted BGP UPDATE messages. CVE-2017-16227, bsc1065641 - The Quagga BGP...
MGASA-2016-0364 Updated kernel-tmb package fixes security issues
This update is based on the upstream 4.4.26 kernel and fixes at least these security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the...
KLA10846 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities ...
USN-2843-1: Linux kernel vulnerabilities
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...
SuSE 11.3 Security Update : apache2 (SAT Patch Number 10533)
The Apache2 webserver was updated to fix various issues. The following feature was added : - Provide support for the tunneling of web socket connections to a backend websockets server. FATE316880 The following security issues have been fixed : - The modheaders module in the Apache HTTP Server...
CVE-2005-4703
Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto...
Linux Kernel: Multiple information leaks
Background The Linux kernel is responsible for managing the core aspects of a GNU/Linux system, providing an interface for core system applications as well as providing the essential structure and capability to access hardware that is needed for a running system. Description The Linux kernel allo...