Information disclosure

The client in OpenAFS before 1.6.17 does not properly initialize the 1 AFSStoreStatus, 2 AFSStoreVolumeStatus, 3 VldbListByAttributes, and 4 ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic...

Apple QuickTime 7.7.79.80.95 - .PSD Parsing Memory Corruption

Apple QuickTime 7.7.79.80.95 - .PSD Parsing Memory Corruption Application: Apple Quicktime Platforms: Windows, OSX Versions: before version 7.7.79.80.95 Author: Francis Provencher of COSIG Website: http://www.protekresearchlab.com/ Twitter: @COSIG @protekresearch CVE-2016-1769 1 Introduction 2...

AIX 7.1 TL 3 : libxml2 (IV80586)

The remote AIX host has a version of libxml2 installed that is affected by the following vulnerabilities : - A heap-based buffer overflow condition exists in the xmlParseEntityDecl and xmlParseConditionalSections functions within file parser.c due to a failure to properly stop parsing invalid...

CVE-2016-2538

Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...

AIX 5.3 TL 12 : libxml2 (IV80617)

The remote AIX host has a version of libxml2 installed that is affected by the following vulnerabilities : - A heap-based buffer overflow condition exists in the xmlParseEntityDecl and xmlParseConditionalSections functions within file parser.c due to a failure to properly stop parsing invalid...

CVE-2015-8948

idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read...

Adobe Acrobat/Reader Memory Disclosure Vulnerability (CNVD-2015-06749)

Adobe Reader/Acrobat is a popular application for working with PDF files. A memory disclosure vulnerability exists in Adobe Reader/Acrobat. An attacker is allowed to construct a malicious PDF file and trick the user into parsing it, which can obtain sensitive memory information...

Adobe Acrobat/Reader Memory Disclosure Vulnerability (CNVD-2015-06752)

Adobe Reader/Acrobat is a popular application for working with PDF files. A memory disclosure vulnerability exists in Adobe Reader/Acrobat. An attacker is allowed to construct a malicious PDF file and trick the user into parsing it, which can obtain sensitive memory information...

CVE-2015-5870

The debugging interfaces in the kernel in Apple OS X before 10.11 allow local users to obtain sensitive memory-layout information via unspecified vectors...

CVE-2015-5870

The debugging interfaces in the kernel in Apple OS X before 10.11 allow local users to obtain sensitive memory-layout information via unspecified vectors...

Adobe Flash Player Memory Leakage Vulnerability

Adobe Flash Player is a Flash file processing program.Adobe AIR is a cross-operating system runtime library produced by Adobe, through which developers can take advantage of existing Web development technology. A memory disclosure vulnerability exists in Adobe Flash Player, which allows attackers...

Ubuntu: Security Advisory (USN-2667-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-3766

The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the machportspaceinfo interface, which allows attackers to obtain sensitive memory-layout information via a crafted app...

Ubuntu: Security Advisory (USN-2661-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : linux vulnerability (USN-2660-1)

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory...

Ubuntu: Security Advisory (USN-2666-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2663-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2663-1 advisory. Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes xattrs. A local attacker could exploit this fla...

USN-2665-1: Linux kernel (Vivid HWE) vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

USN-2662-1: Linux kernel (Trusty HWE) vulnerabilities

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes xattrs. A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. CVE-2014-9710 A race condition was discovered in the Linux kernel's filehandle size...

CVE-2015-3721

The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app...