Integer overflow

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

CVE-2017-5898

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

CVE-2017-5898

CVE-2017-5898 affects Quick Emulator (QEMU) when built with CCID Card device emulator support. The vulnerability is an integer overflow in the emulated_apdu_from_guest function (usb/dev-smartcard-reader.c) that allows a local user to crash the QEMU host process by sending a large APDU unit, causi...

CVE-2017-5898

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

SQL Injection Vulnerability in Webservice of Wando ezOFFICE Collaboration Office System

Wando ezOFFICE collaborative management platform is a comprehensive information base application platform. A SQL injection vulnerability exists in the Wando ezOFFICE Collaborative Office System webservice. The lack of filtering of the 'SOAP unitLevel' parameter allows attackers to exploit the...

CVE-2016-5040

libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read and crash via a large length value in a compilation unit header...

Out-of-bounds

libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read and crash via a large length value in a compilation unit header...

UBUNTU-CVE-2016-5040

libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read and crash via a large length value in a compilation unit header...

CVE-2016-5040

libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read and crash via a large length value in a compilation unit header...

CVE-2016-5040

libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read and crash via a large length value in a compilation unit header...

CVE-2016-5040

libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read and crash via a large length value in a compilation unit header...

A Simple JavaScript Exploit Bypasses ASLR Protection On 22 CPU Architectures

Security researchers have discovered a chip flaw that could nullify hacking protections for millions of devices regardless of their operating system or application running on them, and the worse — the flaw can not be entirely fixed with any mere software update. The vulnerability resides in the w...

CVE-2016-9355

An issue was discovered in Becton, Dickinson and Company BD Alaris 8015 Point of Care PC unit, Version 9.5 and prior versions, and Version 9.7. An unauthorized user with physical access to an Alaris 8015 PC unit may be able to obtain unencrypted wireless network authentication credentials and oth...

CVE-2016-8375

An issue was discovered in Becton, Dickinson and Company BD Alaris 8015 Point of Care PC unit, Version 9.5 and prior versions, and Version 9.7, and 8000 PC unit. An unauthorized user with physical access to an affected Alaris PC unit may be able to obtain unencrypted wireless network authenticati...

Alaris 8015 PC Unit Information Disclosure Vulnerability

The Alaris 8015 PC unit is the centerpiece of the Alaris System, an American BD system that provides a user-common interface for programming IV infusions. An information disclosure vulnerability exists in the Alaris 8015 PC unit. An attacker could exploit the vulnerability to obtain sensitive...

Important: Red Hat Security Advisory: ansible and gdeploy security and bug fix update

An update for ansible and gdeploy is now available for Red Hat Gluster Storage 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

FreeBSD : chicken -- multiple vulnerabilities (c6932dd4-eaff-11e6-9ac1-a4badb2f4699)

Peter Bex reports : A buffer overflow error was found in the POSIX unit's procedures process-execute and process-spawn. Additionally, a memory leak existed in this code, which would be triggered when an error is raised during argument and environment processing. Irregex versions before 0.9.6...

SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2017:0367-1)

This update for ceph fixes the following issues : - CVE-2016-5009: moncommand with empty prefix could crash monitor bsc987144 - Invalid commandd in SOC7 with ceph bsc1008894 - Performance fix was missing in SES4 bsc1005179 - ceph build problems on ppc64le bsc982141 - ceph make build unit test...

The vulnerability of the Android operating system, which allows a hacker to trigger a buffer overflow.

The vulnerability in the Android operating system’s SMMU system call is caused by a buffer overflow. Exploiting this vulnerability allows an attacker, operating remotely, to trigger a memory reallocation through incorrect input in the ADSP SID2CB system call...

Cisco Warns of Critical Flaw in Teleconferencing Gear

Cisco Systems is warning customers of a critical vulnerability affecting three of its TelePresence MCU platform models. The flaw could give attackers the ability to remotely execute code on impacted systems or create conditions favorable to a denial-of-service DoS attack. According to an advisory...