Lucene search

3205 matches found

NVD
added 2014/09/09 1:55 a.m. | 12 views

CVE-2014-5690

The Runtastic Timer aka com.runtastic.android.timer application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4 CVSS | 5.9 AI score | 0.00297 EPSS
Exploits: 0 | References: 3
Prion
added 2014/09/09 1:55 a.m. | 18 views

Design/Logic Flaw

The Runtastic Timer aka com.runtastic.android.timer application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4 CVSS | 6.4 AI score | 0.00297 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2014/09/09 1:0 a.m. | 35 views

CVE-2014-5690

CVE-2014-5690 affects the Runtastic Timer Android app (version 1.0.1). The root cause is a failure to validate X.509 certificates from SSL servers, allowing man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. The connected documents do not prov...

5.4 CVSS | 6 AI score | 0.00297 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2014/09/09 1:0 a.m. | 20 views

CVE-2014-5690

The Runtastic Timer aka com.runtastic.android.timer application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9 AI score | 0.00297 EPSS
Exploits: 0 | References: 3
Cvelist
added 2014/08/28 11:0 p.m. | 22 views

CVE-2014-3347

Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid...

6.6 AI score | 0.00976 EPSS
Exploits: 0 | References: 5
CVE
added 2014/08/28 11:0 p.m. | 61 views

CVE-2014-3347

Cisco 1800 Series ISR devices running IOS 15.1(4)M2 with ISDN BRI enabled are affected by CVE-2014-3347. The issue resides in the hardware entropy collection module: an interrupt timer collision triggered during entropy collection (knowledge of the ISDN phone number) can cause the hardware encryp...

5.4 CVSS | 6.8 AI score | 0.00976 EPSS
Exploits: 0 | References: 5 | Affected Software: 8
NVD
added 2014/08/01 5:12 a.m. | 21 views

CVE-2014-3302

user.php in Cisco WebEx Meetings Server 1.5.1.131 and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708...

5.8 CVSS | 6 AI score | 0.00951 EPSS
Exploits: 0 | References: 6
Prion
added 2014/08/01 5:12 a.m. | 16 views

Design/Logic Flaw

user.php in Cisco WebEx Meetings Server 1.5.1.131 and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708...

5.8 CVSS | 6.5 AI score | 0.00951 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
Cisco
added 2014/07/25 6:59 p.m. | 20 views

Cisco WebEx Meetings Server Authenticated Encryption Vulnerability

A vulnerability in the user.php script of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view sensitive information. The vulnerability is due to an invalid token timer. An attacker could exploit this vulnerability by submitting crafted URL requests to a vulnerable...

5.8 CVSS | 6.2 AI score | 0.00951 EPSS
Exploits: 0 | References: 1
RedHat Linux
added 2014/07/23 4:15 p.m. | 8 views

qemu: hpet: buffer overrun on invalid state load

Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...

7.5 CVSS | 7.2 AI score | 0.05261 EPSS
Exploits: 0 | References: 4
seebug.org
added 2014/07/01 12:0 a.m. | 13 views

Back-End CMS <= 0.7.2.2 (BE_config.php) Remote Include Vulnerability

No description provided by source. DEVIL TEAM THE BEST POLISH TEAM Back-End CMS - Remote File Include Vulnerabilities Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl Site of script: http://www.back-end.o...

7.1 AI score
Exploits: 0
Tenable Nessus
added 2014/06/13 12:0 a.m. | 40 views

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0155-1)

Multiple vulnerabilities were fixed in java-1_6_0-openjdk:
- CVE-2010-4448: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N: DNS cache poisoning by untrusted applets
- CVE-2010-4450: CVSS v2 Base Score: 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P: Launcher incorrect processing of empty library path entries ...

10 CVSS | 8.3 AI score | 0.04132 EPSS
Exploits: 1 | References: 10
Tenable Nessus
added 2014/06/13 12:0 a.m. | 31 views

openSUSE Security Update : XEN (openSUSE-SU-2012:1572-1)

This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc787163 - CVE-2012-4544: xen: Domain builder Out-of-memory due to malicious kernel/ramdisk XSA 25 CVE-2012-4544-xsa25.patch - bnc779212 - CVE-2012-4411: XEN / qemu: guest...

7.2 CVSS | 7.6 AI score | 0.01896 EPSS
Exploits: 1 | References: 34
RedHat Linux
added 2014/06/10 9:35 p.m. | 0 views

Mozilla: Use-after-free with SMIL Animation Controller (MFSA 2014-52)

Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service heap memory...

10 CVSS | 7.3 AI score | 0.03747 EPSS
Exploits: 0 | References: 5
RedHat Linux
added 2014/06/10 8:44 p.m. | 2 views

Mozilla: Use-after-free with SMIL Animation Controller (MFSA 2014-52)

Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service heap memory...

10 CVSS | 7.3 AI score | 0.03747 EPSS
Exploits: 0 | References: 5
OSV
added 2014/05/02 2:55 p.m. | 1 views

UBUNTU-CVE-2014-3125

Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash) via unspecified vectors...

6.2 CVSS | 5.8 AI score | 0.00629 EPSS
Exploits: 0 | References: 7
Xen Project
added 2014/04/30 9:52 a.m. | 102 views

Hardware timer context is not properly context switched on ARM

ISSUE DESCRIPTION: When running on an ARM platform Xen was not context switching the CNTKCTL_EL1 register, which is used by the guest kernel to control access by userspace processes to the hardware timers. This meant that any guest can reconfigure these settings for the entire system. IMPACT: A...

6.2 CVSS | 5.9 AI score | 0.00629 EPSS
Exploits: 0 | Affected Software: 1
OSV
added 2014/02/20 12:0 a.m. | 0 views

UBUNTU-CVE-2013-4527

Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...

7.5 CVSS | 7.2 AI score | 0.05261 EPSS
Exploits: 0 | References: 5
OSV
added 2013/12/14 6:8 p.m. | 1 views

DEBIAN-CVE-2013-6367

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value...

5.7 CVSS | 7.4 AI score | 0.01446 EPSS
Exploits: 2 | References: 1
myhack58
added 2013/09/22 12:0 a.m. | 11 views

iOS 7 lock screen vulnerability allows bypassing the passcode to view photos and other information (with operation steps) - vulnerability warning - the black bar safety net

A major selling point of Apple's new iPhone 5S is its security features, including its newly added fingerprint processor and the anti-theft feature built into the next-generation iOS 7. However, a bug that has existed since the iOS 6 generation is still there, and it lets anyone bypass the lock...

0.1 AI score
Exploits: 0