Cybozu KUNAI for Android information management vulnerability

Overview Cybozu KUNAI for Android is a mobile client software for using Cybozu from an Android device. Cybozu KUNAI for Android provides a function to output log information when synchronizing data with Cybozu, however the function is disabled by default. Cybozu KUNAI for Android contains an issu...

JVN#88745657: Cybozu KUNAI for Android information management vulnerability

Cybozu KUNAI for Android is a mobile client software for using Cybozu from an Android device. Cybozu KUNAI for Android provides a function to output log information when synchronizing data with Cybozu, however the function is disabled by default. Cybozu KUNAI for Android contains an issue where i...

[SECURITY] Fedora 25 Update: calibre-2.78.0-1.fc25

Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...

[SECURITY] Fedora 24 Update: calibre-2.78.0-1.fc24

Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...

Tmp files readable by other users

Overview Affected versions of sync-exec use files located in /tmp/ to buffer command results before returning values. As /tmp/ is almost always set with world readable permissions, this may allow low privilege users on the system to read the results of commands run via sync-exec under a higher...

Update Rollup 11 for System Center 2012 R2 Data Protection Manager

Update Rollup 11 for System Center 2012 R2 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 11 for Microsoft System Center 2012 R2 Data Protection Manager. It also contains the installation instructions for this update. Note We recommend that...

Design/Logic Flaw

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

CVE-2016-7433

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

DEBIAN-CVE-2016-7433

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

CVE-2016-7433

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

CVE-2016-7433

CVE-2016-7433 affects ntpd (ntp) prior to 4.2.8p9. Root cause: initial sync calculations regression where the root distance did not include peer dispersion. This can cause incorrect timing calculations, with documented potential for denial of service or disruption. Remediation: upgrade ntp to 4.2...

CVE-2016-7433

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

CVE-2016-7433

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

UBUNTU-CVE-2016-7433

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

MS17-002: Description of the security update for SharePoint Server 2016: January 10, 2017

MS17-002: Description of the security update for SharePoint Server 2016: January 10, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, se...

High network usage after you implement file screening on a Windows Server 2012 R2-based Work Folders sync server

High network usage after you implement file screening on a Windows Server 2012 R2-based Work Folders sync server This article describes an issue that occurs on a Windows Server 2012 R2-based Work Folders sync server. You can fix this issue by using the update in this article. Before you install...

SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:3195-1)

This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...

CVE-2016-7944

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INTMAX, which triggers the client to stop reading data and get out of sync...

Sync Breeze Enterprise Buffer Overflow Vulnerability

Sync Breeze Enterprise is a file synchronization utility that allows you to synchronize and manage the disk files of your networked computers, mainly used to categorize, save and manage files. A buffer overflow vulnerability exists in Sync Breeze Enterprise version 9.1.16, which can be exploited ...

Downloads Resources over HTTP

Overview Affected versions of bionode-sra insecurely downloads resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on...