Fedora 24 : 2:qemu (2016-a80eab65ba)

CVE-2016-4002: net: buffer overflow in MIPSnet bz 1326083 - CVE-2016-4952 scsi: pvscsi: out-of-bounds access issue - CVE-2016-4964: scsi: mptsas infinite loop bz 1339157 - CVE-2016-5106: scsi: megasas: out-of-bounds write bz 1339581 - CVE-2016-5105: scsi: megasas: stack information leakage bz...

Fedora 22 : 2:qemu (2016-ea3002b577)

CVE-2016-4002: net: buffer overflow in MIPSnet bz 1326083 - CVE-2016-4952 scsi: pvscsi: out-of-bounds access issue - CVE-2016-5106: scsi: megasas: out-of-bounds write bz 1339581 - CVE-2016-5105: scsi: megasas: stack information leakage bz 1339585 - CVE-2016-5107: scsi: megasas: out-of-bounds read...

Microsoft Graphics Component Information Disclosure Vulnerability (3013126)

This host is missing an important security update according to Microsoft Bulletin MS14-085. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

OpenSSL -- multiple vulnerabilities

The OpenSSL Project reports: A flaw in OBJobj2txt may cause pretty printing functions such as X509nameoneline, X509nameprintex et al. to leak some information from the stack. CVE-2014-3508 The issue affects OpenSSL clients and allows a malicious server to crash the client with a null pointer...

DEBIAN-CVE-2013-4361

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction...

CVE-2013-4361

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction...

CVE-2013-4361

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction...

CVE-2013-4361

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction...

USN-1811-1: Linux kernel (OMAP4) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1768-1)

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. CVE-2013-0190 A failure to validate input was discovered in the Linux kernel's Xen netback network backend driver. ...

kernel: ebtables stack infoleak

The doreplace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability ...

PHP < 4.4.5/5.2.1 - WDDX Session Deserialization Information Leak

A1"; $keys = arraykeys$SESSION; $stackdump = $keys1; echo "Stackdump\n---------\n\n"; for $b=0; $...