85 matches found
MGASA-2017-0349 Updated ffmpeg packages fix security vulnerability
This update provides ffmpeg version 3.3.4, which fixes several security vulnerabilities and other bugs which were corrected upstream...
Cagintranet Networks GetSimple CMS Information Disclosure Vulnerability (CNVD-2017-04278)
Cagintranet Networks GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. An information disclosure vulnerability exists in Cagintranet Networks GetSimple C...
GetSimple CMS 3.3.4 XML External Entity Injection
------------------------------------------------------------------ GetSimple CMS adddata$in; User input passed via the "data" POST parameter is not properly sanitized before being used in a call to the "simplexmlloadstring" function at line 23. This can be exploited to carry out XML External Enti...
OTRS Multiple Vulnerabilities (OSA-2014-01, OSA-2014-02)
Open Ticket Request System OTRS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs";...
kvm: device assignment page leak
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service memory leak and host OS crash by leveraging administrative access to the guest OS to conduct hotunplug an...