522 matches found
Ubuntu Update for linux-fsl-imx51 USN-1318-1
Ubuntu Update for Linux kernel vulnerabilities USN-1318-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13181.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-fsl-imx51 USN-1318-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...
USN-1319-1 : linux-ti-omap4 vulnerabilities
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...
USN-1318-1: Linux kernel (FSL-IMX51) vulnerabilities
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...
kernel: keys: NULL pointer deref in the user-defined key type
The userupdate function in security/keys/userdefined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kernel oops via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."...
PT-2011-4849 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6 Description: The issue is related to the user update function in the Linux kernel, which allows local users to cause a denial of service. This can be achieved through vectors related to a user-defined key and updating...
CVE-2011-4110
The userupdate function in security/keys/userdefined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kernel oops via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."...
MySQL User-Defined Functions Multiple Vulnerabilities
User-defined functions in MySQL can allow a database user to cause binary libraries on the host to be loaded. The insert privilege on the table 'mysql.func' is required for a user to create user-defined functions. When running on Windows and possibly other operating systems, MySQL is potentially...
John the Ripper 1.7.8-jumbo-7 Released
John the Ripper 1.7.8-jumbo-7 Released Change Log : Support for encrypted pkzip archives has been added, testing millions of candidate passwords per second. JimF This is in addition to WinZip/AES archives, support for which was added in prior -jumbo updates. Support for Mac OS X 10.7 Lion salted...
CVE-2011-2885
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service application crash via the sample .doc document that incorporates a user-defined toolbar...
Code injection
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service application crash via the sample .doc document that incorporates a user-defined toolbar...
Oracle MySQL for Microsoft Windows Payload Execution
$Id: mysqlpayload.rb 11899 2011-03-08 22:42:26Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
[eVuln.com] Multiple XSS inj in Wernhart Guestbook
New eVuln Advisory: Multiple XSS in Wernhart Guestbook Summary: http://evuln.com/vulns/150/summary.html Details: http://evuln.com/vulns/150/description.html -----------Summary----------- eVuln ID: EV0150 Software: Wernhart Guestbook Vendor: Carl A. Wernhart Version: 2001.03.28 Critical Level: low...
[eVuln.com] Multiple XSS in Alguest
New eVuln Advisory: Multiple XSS in Alguest Summary: http://evuln.com/vulns/151/summary.html Details: http://evuln.com/vulns/151/description.html -----------Summary----------- eVuln ID: EV0151 Software: Alguest Vendor: n/a Version: 1.1c-patched Critical Level: low Type: Cross Site Scripting Statu...
Wernhart Guestbook Cross Site Scripting
New eVuln Advisory: Multiple XSS in Wernhart Guestbook Summary: http://evuln.com/vulns/150/summary.html Details: http://evuln.com/vulns/150/description.html -----------Summary----------- eVuln ID: EV0150 Software: Wernhart Guestbook Vendor: Carl A. Wernhart Version: 2001.03.28 Critical Level: low...
[eVuln.com] URL and Title XSS in AxsLinks
New eVuln Advisory: URL and Title XSS in AxsLinks http://evuln.com/vulns/139/summary.html -----------Summary----------- eVuln ID: EV0139 Software: AxsLinks Vendor: AXScripts Version: 0.3 Critical Level: medium Type: Cross Site Scripting Status: Unpatched. No reply from developers PoC: Not availab...
CVE-2010-3737
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service heap memory consumption by executing a 1 user-defined function UDF or 2 stored procedure while using a different code page than the database server...
Memory corruption
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service heap memory consumption by executing a 1 user-defined function UDF or 2 stored procedure while using a different code page than the database server...
CVE-2010-3737
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service heap memory consumption by executing a 1 user-defined function UDF or 2 stored procedure while using a different code page than the database server...
Format string
Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the user-defined main disk format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors...
Design/Logic Flaw
Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read arbitrary files on the host OS via unspecified vectors...