Veracode, most viewed

38126 matches found

Veracode • added 2019/05/16 3:23 a.m. • 34 views

Privilege Escalation

PostgreSQL is vulnerable to privilege escalation. The issue arises from INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL. A low-privileged attacker without full read access but with both INSERT and UPDATE access could read the sensitive information of the table contents...

CVSS 6.5, AI score 6.9, EPSS 0.32989
Exploits 0, References 8, Affected Software 3

Veracode • added 2019/05/16 3:18 a.m. • 34 views

Denial Of Service (DoS)

The Linux kernel is vulnerable to denial of service (DoS) attacks. The Salsa20 encryption algorithm does not correctly handle zero-length inputs. This allows a local attacker to use the AF_ALG-based skcipher interface to cause a denial of service (uninitialized-memory free and kernel crash) or...

CVSS 7.8, AI score 7.2, EPSS 0.00078
Exploits 1, References 45, Affected Software 2

Veracode • added 2019/05/16 3:0 a.m. • 34 views

Information Disclosure

Java SE is vulnerable to information disclosure. A remote attacker could exploit the flawed JavaFX component to partially access data resulting in disclosure of sensitive information...

CVSS 4.7, AI score 5.7, EPSS 0.00582
Exploits 0, References 10, Affected Software 2

Veracode • added 2019/05/16 2:59 a.m. • 34 views

Use After Free

PHP is vulnerable to a use-after-free vulnerability. The vulnerability exists in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP. Remote attackers could cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset...

CVSS 9.8, AI score 9.8, EPSS 0.01372
Exploits 1, References 12, Affected Software 1

Veracode • added 2019/05/16 2:59 a.m. • 34 views

Out-Of-Bounds Read

PHP is vulnerable to out-of-bounds read attacks. The flaw exists in the php_wddx_push_element function in ext/wddx/wddx.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...

CVSS 9.8, AI score 9.6, EPSS 0.05314
Exploits 0, References 14, Affected Software 1

Veracode • added 2019/05/16 2:50 a.m. • 34 views

Arbitrary Code Execution

The Linux kernel is vulnerable to a buffer overflow. A lack of input filtering of incoming fragmented datagrams was found in the fragment handling code of the IP-over-1394 driver (firewire-net) in the Linux kernel. Remote attackers could execute arbitrary code via crafted...

CVSS 6.8, AI score 8.3, EPSS 0.00927
Exploits 0, References 39, Affected Software 2

Veracode • added 2019/05/16 2:18 a.m. • 34 views

Information Disclosure

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain...

CVSS 8.3, AI score 8.3, EPSS 0.0052
Exploits 0, References 23, Affected Software 4

Veracode • added 2019/05/02 6:37 a.m. • 34 views

Man-in-the-Middle (MitM)

IBM Java SE is vulnerable to man-in-the-middle attacks. The Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plaintext part rather than the encrypted part of the KDC reply message. A remote attacker could use this flaw to...

CVSS 7.5, AI score 7.5, EPSS 0.00597
Exploits 0, References 21, Affected Software 4

Veracode • added 2019/05/02 6:36 a.m. • 34 views

Denial Of Service (DoS)

QEMU is vulnerable to denial of service attacks. A remote attacker could cause memory exhaustion resulting in denial of service. The vulnerability exists in the file audio/audio.c of the Audio Capture component and is exploitable by repeatedly starting and stopping audio capture...

CVSS 7.5, AI score 7.9, EPSS 0.01106
Exploits 0, References 12, Affected Software 2

Veracode • added 2019/05/02 6:36 a.m. • 34 views

Denial Of Service (DoS) Through Divide By Zero

QEMU is vulnerable to denial of service (DoS) through divide-by-zero attacks. The vulnerability occurs while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside the guest could use this flaw to crash the QEMU process instance on the host, resulting in an application...

CVSS 6.5, AI score 7.2, EPSS 0.00075
Exploits 0, References 214, Affected Software 2

Veracode • added 2019/05/02 6:36 a.m. • 34 views

Denial Of Service (DoS)

QEMU is vulnerable to denial of service (DoS) attacks. This occurs in the xhci_ring_fetch function in hw/usb/hcd-xhci.c, which allows local guest OS administrators to cause a denial of service condition by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process...

CVSS 6, AI score 6.3, EPSS 0.00098
Exploits 0, References 219, Affected Software 1

Veracode • added 2019/05/02 6:30 a.m. • 34 views

Privilege Escalation

Java SE, Java SE Embedded and JRockit are vulnerable to privilege escalation attacks. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Security component to gain elevated privileges. Successful attacks could result in takeover of Java SE,...

CVSS 8.3, AI score 9.1, EPSS 0.01373
Exploits 0, References 19, Affected Software 5

Veracode • added 2019/05/02 5:52 a.m. • 34 views

Privilege Escalation

Red Hat Enterprise Linux is vulnerable to privilege escalation attacks. Use of incorrect permissions for /etc/sysconfig/jbossas configuration files allows a local authenticated user to escalate their privileges to root...

CVSS 7.8, AI score 7.6, EPSS 0.00057
Exploits 0, References 24, Affected Software 76

Veracode • added 2019/05/02 5:46 a.m. • 34 views

Denial Of Service (DoS)

Red Hat JBoss Web Server is vulnerable to denial of service (DoS) attacks. It is possible to remotely segfault the Apache HTTP Server with a specially crafted string sent to mod_cluster via service messages (MCMP), which results in a server crash (DoS)...

CVSS 7.5, AI score 7.2, EPSS 0.03218
Exploits 0, References 35, Affected Software 7

Veracode • added 2019/05/02 5:45 a.m. • 34 views

Denial Of Service (DoS)

libtiff is vulnerable to denial of service (DoS) attacks. This allows remote attackers to affect availability via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif...

CVSS 6.5, AI score 6.9, EPSS 0.01105
Exploits 0, References 10, Affected Software 1

Veracode • added 2019/05/02 5:41 a.m. • 34 views

Insufficient Entropy In Key Generation Algorithm

The Network Time Protocol (NTP) is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...

CVSS 7.5, AI score 7, EPSS 0.16556
Exploits 0, References 31, Affected Software 1

Veracode • added 2019/05/02 5:41 a.m. • 34 views

Sensitive Information Leak

ntp is vulnerable to sensitive information disclosure. This is possible due to missing validation of the vallen value in ntp_crypto.c when the decryption of a secret received from an NTP server is performed, leading to a stack-based buffer overflow and crashing the NTP client...

CVSS 5.8, AI score 6.9, EPSS 0.04839
Exploits 0, References 23, Affected Software 1

Veracode • added 2019/05/02 5:41 a.m. • 34 views

Improper Signature Validation

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...

CVSS 7.5, AI score 7.4, EPSS 0.00426
Exploits 0, References 6, Affected Software 1

Veracode • added 2019/05/02 5:40 a.m. • 34 views

Sandbox Restrictions Bypass

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...

CVSS 9.8, AI score 4.6, EPSS 0.92346
Exploits 0, References 12, Affected Software 1

Veracode • added 2019/05/02 5:40 a.m. • 34 views

Buffer Overflow

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

CVSS 10, AI score 5.7, EPSS 0.02666
Exploits 0, References 23, Affected Software 2

Veracode • added 2019/05/02 5:39 a.m. • 34 views

Arbitrary File Read

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provides a stable release of Python 2.7 with a number of additional utilities and database connectors f...

CVSS 9.8, AI score 8.8, EPSS 0.33997
Exploits 15, References 23, Affected Software 175

Veracode • added 2019/05/02 5:39 a.m. • 34 views

Improper Input Validation

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provides a stable release of Python 2.7 with a number of additional utilities and database connectors f...

CVSS 9.8, AI score 8.8, EPSS 0.33997
Exploits 15, References 8, Affected Software 6

Veracode • added 2019/05/02 5:34 a.m. • 34 views

Denial Of Service (DoS)

ImageMagick is vulnerable to denial of service (DoS). The vulnerability exists in the DrawDashPolygon function of magick/render.c...

CVSS 5.5, AI score 6.9, EPSS 0.01408
Exploits 0, References 11, Affected Software 1

Veracode • added 2019/05/02 5:34 a.m. • 34 views

Denial Of Service (DoS)

PCRE is vulnerable to denial of service (DoS). The vulnerability exists through parsing a malicious regular expression...

CVSS 7.5, AI score 6.6, EPSS 0.03462
Exploits 0, References 19, Affected Software 4

Veracode • added 2019/05/02 5:29 a.m. • 34 views

Denial Of Service (DoS)

Oracle MySQL Server is vulnerable to denial of service (DoS) attacks. An authenticated user is able to manipulate the Memcached component with an unknown input, which may lead to an application crash...

CVSS 2.1, AI score 6.2, EPSS 0.03462
Exploits 0, References 17, Affected Software 1

Veracode • added 2019/05/02 5:29 a.m. • 34 views

Privilege Escalation

MySQL Server is vulnerable to privilege escalation. The flaw is an unspecified vulnerability in Oracle MySQL. This allows a remote authenticated user to manipulate it with an unknown input. The affected component is 'Privileges'...

CVSS 4, AI score 6, EPSS 0.03462
Exploits 0, References 46, Affected Software 4

Veracode • added 2019/05/02 5:24 a.m. • 34 views

Denial Of Service (DoS)

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileg...

CVSS 7.2, AI score 5.9, EPSS 0.00219
Exploits 0, References 55, Affected Software 1

Veracode • added 2019/05/02 5:21 a.m. • 34 views

Sensitive Information Disclosure

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...

CVSS 9.8, AI score 8.6, EPSS 0.87099
Exploits 12, References 40, Affected Software 53

Veracode • added 2019/05/02 5:18 a.m. • 34 views

Denial Of Service (DoS)

Firefox/Thunderbird is vulnerable to denial of service. A remote attacker is able to corrupt memory and crash the application...

CVSS 7.5, AI score 8.9, EPSS 0.03205
Exploits 0, References 23, Affected Software 2

Veracode • added 2019/05/02 5:18 a.m. • 34 views

Denial Of Service (DoS)

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...

CVSS 10, AI score 8.1, EPSS 0.04754
Exploits 0, References 24, Affected Software 2

Veracode • added 2019/05/02 5:17 a.m. • 34 views

Spoofable Server

Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion...

CVSS 5, AI score 6.3, EPSS 0.15803
Exploits 0, References 19, Affected Software 1

Veracode • added 2019/05/02 5:17 a.m. • 34 views

Denial Of Service (DoS)

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update...

CVSS 6.5, AI score 6.3, EPSS 0.01467
Exploits 0, References 12, Affected Software 2

Veracode • added 2019/05/02 5:17 a.m. • 34 views

Denial Of Service (DoS)

MySQL is vulnerable to denial of service. It allows remote authenticated users to affect availability via vectors related to DML...

CVSS 4, AI score 5.2, EPSS 0.00241
Exploits 0, References 20, Affected Software 4

Veracode • added 2019/05/02 5:13 a.m. • 34 views

Sandbox Protection Bypass

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause t...

CVSS 10, AI score 5.5, EPSS 0.09204
Exploits 1, References 39, Affected Software 4

Veracode • added 2019/05/02 5:12 a.m. • 34 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain...

CVSS 6.8, AI score 4.7, EPSS 0.09411
Exploits 0, References 36, Affected Software 3

Veracode • added 2019/05/02 5:12 a.m. • 34 views

Buffer Overflow

The X11 (Xorg) libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...

CVSS 6.8, AI score 10.2, EPSS 0.02136
Exploits 0, References 14, Affected Software 6

Veracode • added 2019/05/02 5:12 a.m. • 34 views

SQL Injection

PostgreSQL is an advanced object-relational database management system (DBMS). An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to...

CVSS 9.8, AI score 8.3, EPSS 0.06398
Exploits 0, References 9, Affected Software 2

Veracode • added 2019/05/02 5:12 a.m. • 34 views

Null Pointer Dereference

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

CVSS 7.5, AI score 8.7, EPSS 0.04649
Exploits 13, References 14, Affected Software 1

Veracode • added 2019/05/02 5:12 a.m. • 34 views

Heap-Based Buffer Overflow

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

CVSS 7.5, AI score 8.7, EPSS 0.04649
Exploits 13, References 14, Affected Software 1

Veracode • added 2019/05/02 5:12 a.m. • 34 views

Denial Of Service (DoS)

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this fla...

CVSS 4.7, AI score 6.5, EPSS 0.00381
Exploits 3, References 22, Affected Software 1

Veracode • added 2019/05/02 5:4 a.m. • 34 views

Denial Of Service (DoS)

V8 is Google's open source JavaScript engine. It was discovered that V8 did not properly check the stack size limit in certain cases. A remote attacker able to send a request that caused a script executed by V8 to use deep recursion could trigger a stack overflow, leading to a crash of an...

CVSS 10, AI score 6.7, EPSS 0.1282
Exploits 4, References 8, Affected Software 171

Veracode • added 2019/05/02 5:4 a.m. • 34 views

Denial Of Service (DoS)

Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as...

CVSS 5, AI score 6.8, EPSS 0.01984
Exploits 0, References 17, Affected Software 1

Veracode • added 2019/05/02 5:3 a.m. • 34 views

Denial Of Service (DoS)

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Linux OpenStack Platform. Two integer overfl...

CVSS 7.5, AI score 8.1, EPSS 0.01003
Exploits 2, References 16, Affected Software 2

Veracode • added 2019/05/02 5:3 a.m. • 34 views

Use-after-Free

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...

CVSS 10, AI score 9.6, EPSS 0.02568
Exploits 0, References 23, Affected Software 2

Veracode • added 2019/05/02 5:2 a.m. • 34 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

CVSS 10, AI score 8.6, EPSS 0.11906
Exploits 0, References 12, Affected Software 1

Veracode • added 2019/05/02 5:0 a.m. • 34 views

Same-Origin Policy Bypass

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

CVSS 9.8, AI score 9, EPSS 0.10821
Exploits 7, References 36, Affected Software 2

Veracode • added 2019/05/02 5:0 a.m. • 34 views

Heap-based Buffer Over-read

OpenJPEG is an open source library for reading and writing image files in JPEG 2000 format. Multiple heap-based buffer overflow flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or,...

CVSS 7.5, AI score 8.7, EPSS 0.06225
Exploits 0, References 12, Affected Software 1

Veracode • added 2019/05/02 4:59 a.m. • 34 views

Denial Of Service (DoS)

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload (UFO) feature was enabled. A remot...

CVSS 6.2, AI score 6.9, EPSS 0.0062
Exploits 8, References 40, Affected Software 1

Veracode • added 2019/05/02 4:58 a.m. • 34 views

Integer Overflow

Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly,...

CVSS 7.8, AI score 6.7, EPSS 0.05039
Exploits 11, References 19, Affected Software 1

Veracode • added 2019/05/02 4:58 a.m. • 34 views

Input Validation Bypass

Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly,...

AI score 6.7, EPSS 0.05039
Exploits 11, References 11, Affected Software 1

Total number of security vulnerabilities: 5000