[SECURITY] Fedora 23 Update: ansible1.9-1.9.6-1.fc23

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 22 Update: ansible1.9-1.9.6-1.fc22

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

Cisco Wireless LAN Controller Denial of Service Vulnerability (CNVD-2016-02517)

The Cisco WLC is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility. A denial of service vulnerability in the Bonjour Task Manager for Cisco Wireless LAN Controller WLC Software allows remote attackers ...

Qemu Information Disclosure Vulnerability (CNVD-2016-02391)

QEMU is a suite of analog processor software. A vulnerability in Qemu's kvmvapic.c when using Task Priority Register TPR optimization allows a local attacker to exploit the vulnerability to obtain host-sensitive information...

UBUNTU-CVE-2016-4020

The patchinstruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register TPR...

Jigsaw Ransomware Decryption Tool

Menacing ransomware called Jigsaw threatened to delete thousands of files an hour if victims didn’t pay 0.4 Bitcoins or $150. Worse, restarting your PC, according to the attackers, would also cost victims 1,000 deleted files. The icing on the cake was a menacing image of “Billy the Puppet” from t...

PT-2016-6829 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5.1 Description: The issue allows local users to cause a denial of service, resulting in a NULL pointer dereference and system crash. This can be achieved by using an ABORT TASK command to abort a device write...

OAR Elevation of Privilege Vulnerability

OAR is a versatile resource and task manager for HPC clusters. An error in OAR's handling of the oarsh command allows a local attacker to exploit this vulnerability for elevation of privilege...

Any.do: To-Do List, Task List - Dangerous filesystem permissions, Exported ContentProvider, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Any.do: To-Do List, Task List published at the 'play' market has multiple vulnerabilities...

ES Task Manager (Task Killer ) - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application ES Task Manager Task Killer published at the 'play' market has multiple vulnerabilities...

Advanced Task Manager - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Advanced Task Manager published at the 'play' market has multiple vulnerabilities...

Advanced Task Killer - Exported components, External URLs, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Advanced Task Killer published at the 'play' market has multiple vulnerabilities...

Task Manager (Task Killer) - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Task Manager Task Killer published at the 'play' market has multiple vulnerabilities...

Reminders - Task reminder app - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Reminders - Task reminder app published at the 'play' market has multiple vulnerabilities...

Apple Mac OSX iOS - SUID Binary Logic Error Kernel Code Execution

Apple Mac OSX iOS - SUID Binary Logic Error Kernel Code Execution Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=676 tl;dr The code responsible for loading a suid-binary following a call to the execve syscall invalidates the task port after first swapping the new vmmap into the...

Race you to the kernel!

Posted by Ian Beer of Google Project Zero The OS X and iOS kernel code responsible for loading a setuid root binary invalidates the old task port after first swapping the new virtual memory map pointer into the old task object, leaving a short race window where you can manipulate the memory of an...

DEBIAN-CVE-2015-8793

Cross-site scripting XSS vulnerability in program/include/rcmail.php in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter in a mail task to the default URL, a different vulnerability than CVE-2011-2937...

UBUNTU-CVE-2015-8793

Cross-site scripting XSS vulnerability in program/include/rcmail.php in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter in a mail task to the default URL, a different vulnerability than CVE-2011-2937...

UBUNTU-CVE-2016-1922

QEMU aka Quick Emulator built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'currentcpu' remains null, which leads to the null pointer dereference. A user or...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via 1 an SNMP OID object, 2 an SNMP trap message, 3 the View Names field, 4 the Group Names field, 5 the Flow Monitor Credentials field, 6 the Flow...