[SECURITY] Fedora 22 Update: fusionforge-5.3.2-4.fc22

FusionForge provides many tools to aid collaboration in a development project, such as bug-tracking, task management, mailing-lists, SCM repository, forums, support request helper, web/FTP hosting, release management, etc. All these services are integrated into one web site and managed through a...

[SECURITY] Fedora 21 Update: fusionforge-5.3.2-4.fc21

FusionForge provides many tools to aid collaboration in a development project, such as bug-tracking, task management, mailing-lists, SCM repository, forums, support request helper, web/FTP hosting, release management, etc. All these services are integrated into one web site and managed through a...

CVE-2015-2830

arch/x86/kernel/entry64.S in the Linux kernel before 3.19.2 does not prevent the TSCOMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the 1 fork or 2 close system call, as demonstrated b...

CVE-2015-2830

arch/x86/kernel/entry64.S in the Linux kernel before 3.19.2 does not prevent the TSCOMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the 1 fork or 2 close system call, as demonstrated b...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt44

3:11-alt44 built May 15, 2015 Sergey V Turchin in task 144380 May 14, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084, CVE-2015-3085, CVE-2015-3086,...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream -longterm 3.14.41 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access...

ManageEngine Applications Manager MaintenanceTaskAPIUtil Remote Code Execution Vulnerability

ZOHO ManageEngine Applications Manager is a set of application performance monitoring software from ZOHO. The software allows remote monitoring and management of different business systems, applications and network services e.g. servers, operating systems, etc.. A remote code execution...

openstack-glance: potential resource exhaustion and denial of service using images manipulation API

Multiple flaws were found in the glance task API that could cause untracked image data to be left in the back end. A malicious user could use these flaws to deliberately accumulate untracked image data, and cause a denial of service via resource exhaustion...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that 1 delete a batch job record or 2 execute a task via unspecified vectors...

CVE-2015-3350

Cross-site request forgery CSRF vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors...

Microsoft patch day 2015-4-14: the repair of many high-risk IE, Windows, Office vulnerabilities-vulnerability warning-the black bar safety net

Monthly the second Tuesday, Microsoft fixed the patch to fix the day, Microsoft on Tuesday（2015-4-14 the“patch day”on repairing a large number of vulnerabilities, which includes many IE, Windows, Office, high-risk vulnerabilities. Update announcement MS15-0 3 4 announcement MS15-0 3 4 announcemen...

Microsoft Task Scheduler Elevation of Privilege Vulnerability

Windows is a windowed operating system developed by Microsoft Corporation in the United States. Microsoft Task Scheduler is used for task scheduling. Due to the presence of invalid tasks on some systems, Task Scheduler is implemented with an elevation of privilege vulnerability. Exploiting this...

MS15-037: Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (3046269)

The remote Windows host is affected by a privilege escalation vulnerability due to improper handling of invalid tasks in the Task Scheduler. If a known invalid task is present on the system, a local attacker can exploit the task to cause Task Scheduler to execute a crafted application with System...

Privilege escalation

Task Scheduler in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges by triggering application execution by an invalid task, aka "Task Scheduler Elevation of Privilege Vulnerability."...

CVE-2015-0098

Task Scheduler in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges by triggering application execution by an invalid task, aka "Task Scheduler Elevation of Privilege Vulnerability."...

CVE-2015-0098

Task Scheduler in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges by triggering application execution by an invalid task, aka "Task Scheduler Elevation of Privilege Vulnerability."...

CVE-2015-0098

The CVE-2015-0098 issue affects Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1, specifically Task Scheduler. The root cause is improper handling of invalid tasks, allowing a local attacker to cause Task Scheduler to execute a crafted application with SYSTEM privileges (local privilege esc...

Comala Workflows newtask.action taskName has multiple reflected cross-site scripting vulnerabilities

Comala Workflows is a WEB-based application. Comala Workflows newtask.action script handles A cross-site scripting vulnerability exists in taskName, which can be exploited by a remote attacker to construct a malicious URI and trick the user into parsing it, which can be used to obtain a sensitive...

Microsoft Windows Task Scheduler CVE-2015-0098 Remote Privilege Escalation Vulnerability

Description Microsoft Windows Kernel is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the System account. Technologies Affected Avaya Meeting Exchange - Client Registration Server 5.0 Avaya Meeting Exchan...