47153 matches found
libgfortran integer overflows
Multiple integer overflows...
HP Intelligent Provisioning information leakage
No description provided...
LibTIFF multiple security vulnerabilities
Multiple memory corruptions on different formats parsing...
Asterisk certificate validation bypass
Invalid NULL character handling...
Linux kernel security vulnerabilities
Information leakage...
AST-2015-003: TLS Certificate Common name NULL byte exploit
Asterisk Project Security Advisory - AST-2015-003 Product Asterisk Summary TLS Certificate Common name NULL byte exploit Nature of Advisory Man in the Middle Attack Susceptibility Remote Authenticated Sessions Severity Major Exploits Known None Reported On 12 January, 2015 Reported By Maciej...
Mandriva Business Server weak permissions
Password files weak permissions...
CA20150407-01: Security Notice for CA Spectrum
-----BEGIN PGP SIGNED MESSAGE----- CA20150407-01: Security Notice for CA Spectrum Issued: April 7, 2015 CA Technologies Support is alerting customers to multiple potential risks with CA Spectrum. Two vulnerabilities exist that can potentially allow a remote authenticated attacker to gain sensitiv...
[CORE-2015-0007] - Schneider Vampset Stack and Heap Buffer Overflow
Advisory Information Title: Schneider Vampset Stack and Heap Buffer Overflow Advisory ID: CORE-2015-0007 Advisory URL: http://www.coresecurity.com/advisories/schneider-vampset-stack-and-heap-buffer-overflow Date published: 2015-03-30 Date of last update: 2015-03-27 Vendors contacted: Schneider...
[ MDVSA-2015:174 ] erlang
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:174 http://www.mandriva.com/en/support/security/ Package : erlang Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated erlang packages fixes security vulnerability: An FTP command...
[ MDVSA-2015:177 ] ctdb
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:177 http://www.mandriva.com/en/support/security/ Package : ctdb Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated ctdb packages fix security vulnerability: ctdb before 2.5 is...
[ MDVSA-2015:171 ] freerdp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:171 http://www.mandriva.com/en/support/security/ Package : freerdp Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated freerdp packages fix security vulnerabilities: Integer...
[SECURITY] [DSA 3217-1] dpkg security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3217-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 09, 2015 http://www.debian.org/security/faq -...
EMC PowerPath backdoor account
EMC PowerPath vApp undocumented account...
[ MDVSA-2015:184 ] setup
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:184 http://www.mandriva.com/en/support/security/ Package : setup Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated setup package fixes security vulnerability: An issue has been...
Apple TV multiple security vulnerabilities
Nearly 40 different vulnerabilities, including code execution...
APPLE-SA-2015-04-08-4 Apple TV 7.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-04-08-4 Apple TV 7.2 Apple TV 7.2 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: A malicious application may be able to execute arbitrary code with system privileges...
APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004 OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address the following: Admin Framework Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A process may gain...
Apple Mac OS X multiple security vulnerabilities
Unsafe cookie handling, code execution via different formats and protocols, privilege escalation, information leakage...
Cisco Unity Connection multiple security vulnerabilities
Multiple DoS conditions...
Cisco Prime Data Center Network Manager directory traversal
fmserver servlet directory traversal...
Cisco ASA multiple security vulnerabilities
Commands injection, resources exhaustion, DoS...
[USN-2554-1] GnuPG vulnerabilities
========================================================================== Ubuntu Security Notice USN-2554-1 April 01, 2015 gnupg, gnupg2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...
[SECURITY] [DSA 3210-1] wireshark security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3210-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 31, 2015 http://www.debian.org/security/faq -...
wireshark multiple security vulnerabilities
DoS on parsing WCP, pcapng and TNEF...
GnuPG / libgcrypt multiple security vulnerabilities
Use-after-free, backside channels information disclosure...
[USN-2553-1] LibTIFF vulnerabilities
========================================================================== Ubuntu Security Notice USN-2553-1 March 31, 2015 tiff vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
FreeBSD Security Advisory FreeBSD-SA-15:09.ipv6
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:09.ipv6 Security Advisory The FreeBSD Project Topic: Denial of Service with IPv6 Router Advertisements Category: core Module: ipv6 Announced: 2015-04-07...
FreeBSD IPv6 DoS
It's possible to set low current hope limit via Neighbor Discover Protocol...
FreeBSD Security Advisory FreeBSD-SA-15:07.ntp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:07.ntp Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities of ntp Category: contrib Module: ntp Announced: 2015-04-07 Credits: Network Time...
FreeBSD 10.x ZFS encryption.key disclosure (CVE-2015-1415)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory Information Title: FreeBSD 10.x ZFS encryption.key disclosure CVE-2015-1415 Advisory URL: https://pierrekim.github.io/advisories/CVE-2015-1415.txt.asc Date published: 2015-04-07 Vendors contacted: FreeBSD Release mode: Coordinated release...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Certificate check bypass, code execution, restrictions bypass, memory corruptions...
ntpd restrictions bypass
message authentication code implementation is invalid and can be bypasses...
[SECURITY] [DSA 3203-1] tor security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3203-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 22, 2015 http://www.debian.org/security/faq -...
FreeBSD zfs weak permissions
Weak file permissions may be set during transaction replay...
FreeBSD weak permissions
Weak ZFS and GELI key files permissions...
tor DoS
Multiple DoS conditions...
libtasn1 memory corruption
Memory corruption on ASN.1 parsing...
FreeBSD Security Advisory FreeBSD-SA-15:08.bsdinstall
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:08.bsdinstall Security Advisory The FreeBSD Project Topic: Insecure default GELI keyfile permissions Category: core Module: bsdinstall Announced: 2015-04-07...
[SECURITY] [DSA 3216-1] tor security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3216-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 06, 2015 http://www.debian.org/security/faq -...
[USN-2559-1] Libtasn1 vulnerability
========================================================================== Ubuntu Security Notice USN-2559-1 April 08, 2015 libtasn1-3, libtasn1-6 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 are now available and address the following: Safari Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite...
Security Audit Notes - OpenSSH 6.8 - Advanced Information Security Corp
-=Advanced Information Security Corp=- Author: Nicholas Lemonias Report Date: 2/4/2015 Email: lem.nikolas at gmail dot com Introduction ========== During a source-code audit of the OpenSSH v6.8 latest release implementation for linux; conducted internally by the Advanced Information Security Grou...
Security Audit Notes = Kerberos (krb5-1.13) issues - Advanced Information Security Corp
-=Advanced Information Security Corp=- Nicholas Lemonias Report Date: 3/4/2015 Email: [email protected] Introduction ============== During a source-code audit of the krb5-1.13 stable release 15 October 2014 implementation for linux; conducted internally by the Advanced Information Security...
libgd / PHP security vulnerabilities
Buffer overflow, NULL pointer dereference...
MIT Kerberos 5 multiple potential security vulnerabilities
Memory leaks, insufficient memory zeroing, etc...
[SECURITY] [DSA 3214-1] mailman security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3214-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 06, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3213-1] arj security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3213-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 06, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3215-1] libgd2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3215-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini April 06, 2015 http://www.debian.org/security/faq -...
Apache Subversion multiple security vulnerabilities
Resources exhaustion, DoS, information spoofing...