Microsoft DNS obsolete version Vulnerability
- Severity: 10
- Published: June 30, 2015
Micrsoft DNS running on Windows 2000 Server or Windows Server 2003, are obsolete and are no longer supported.
Or, Browse latest vulnerabilities or latest modules
SUSE Linux Security Vulnerability: CVE-2014-9298 Vulnerability
- Severity: 4
- Published: February 22, 2015
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
SUSE Linux Security Vulnerability: CVE-2014-9297 Vulnerability
- Severity: 4
- Published: February 22, 2015
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
SUSE Linux Security Vulnerability: CVE-2014-9402 Vulnerability
- Severity: 4
- Published: February 22, 2015
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
SUSE Linux Security Vulnerability: CVE-2014-5220 Vulnerability
- Severity: 4
- Published: February 22, 2015
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
DSA-3167-1 sudo -- security update Vulnerability
- Severity: 4
- Published: February 21, 2015
Jakub Wilk reported that sudo, a program designed to provide limited super user privileges to specific users, preserves the TZ variable from a user's environment without any sanitization. A user with sudo access may take advantage of this to exploit bugs in the C library functions which parse the TZ environment variable or to open files ...
APSB15-04: Security updates available for Adobe Flash Player (CVE-2015-0331) Vulnerability
- Severity: 4
- Published: February 20, 2015
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
FreeBSD: krb5 1.12 -- New release/fix multiple vulnerabilities Vulnerability
- Severity: 4
- Published: February 19, 2015
The MIT Kerberos team announces the availability of MIT Kerberos 5 Release 1.12.3: Fix multiple vulnerabilities in the LDAP KDC back end. [CVE-2014-5354] [CVE-2014-5353] Fix multiple kadmind vulnerabilities, some of which are based in the gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421 CVE-20...
SUSE Linux Security Vulnerability: CVE-2014-5352 Vulnerability
- Severity: 9
- Published: February 18, 2015
The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-af...
SUSE Linux Security Vulnerability: CVE-2014-9423 Vulnerability
- Severity: 5
- Published: February 18, 2015
The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for da...