CVE-2016-8365

OSIsoft PI System software Applications using PI Asset Framework AF Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit SDK versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI...

Investors concerned about smartphone addiction; Apple responds with new webpage

Hot on the heels of an open letter from investors urging Apple to do more to protect children from smartphone addiction, the tech giant has recently dedicated a page on their website to families. The "Families" page, which can be accessed at apple.com/families, contains tools parents can use to s...

CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2018:0349)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

SUSE SLES11 Security Update : ncurses (SUSE-SU-2018:0178-1)

This update for ncurses fixes the following issues: Security issue fixed : - CVE-2017-13733: Fix illegal address access in the fmtentry function bsc1056127. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

Denial of Service Vulnerability in Zhejiang Dahua Playback Library SDK (CNVD-2018-01922)

Playback Library SDK is a development kit based on Dahua's private code stream encapsulation protocol developed to serve network DVRs, network video servers, network cameras, network dome cameras, intelligent devices and other products. A denial-of-service vulnerability exists in dhplay.dll in th...

Application fuzzing in the era of Machine Learning and AI

Proactively testing software for bugs is not new. The earliest examples date back to the 1950s with the term fuzzing. Fuzzing as we now refer to it is the injection of random inputs and commands into applications. It made its debut quite literally on a dark and stormy night in 1988. Since then,...

RHEL 6 : java-1.8.0-ibm (RHSA-2017:3453)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3453 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2017:3392)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

BlackBerry QNX Software Development Platform Elevation of Privilege Vulnerability

The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An elevation of privilege vulnerability exists in the default configuration of QNX SDP in BlackBerry QNX SDP...

BlackBerry QNX Software Development Platform Information Disclosure Vulnerability

The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An information disclosure vulnerability exists in the default configuration of QNX SDP in BlackBerry QNX SDP...

CVE-2017-9371

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control...

CVE-2017-3892

In BlackBerry QNX Software Development Platform SDP 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs...

Buffer overflow

In BlackBerry QNX Software Development Platform SDP 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks...

Default configuration

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control...

Information disclosure

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

CVE-2017-9369

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

CVE-2017-9371

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control...

CVE-2017-3893 Incomplete vulnerability mitigations

In BlackBerry QNX Software Development Platform SDP 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks...

RHEL 7 : java-1.7.0-oracle (RHSA-2017:3046)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3046 advisory. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades...

Important: Red Hat Security Advisory: java-1.7.0-oracle security update

An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...