Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying vulnerability details 1 - 10 of 64342 in total

Amazon Linux AMI: Security patch for usermode (ALAS-2015-572) (CVE-2015-3245) Vulnerability

  • Severity: 4
  • Published: July 26, 2015

It was found that libuser, as used in the chfn userhelper functionality, does not properly filter out newline characters, which allows an authenticated local attacker to corrupt the /etc/passwd file and cause denial-of-service against the system. (CVE-2015-3245 )

USN-2683-1: Linux kernel (Vivid HWE) vulnerabilities Vulnerability

  • Severity: 4
  • Published: July 22, 2015

A flaw was discovered in the kvm (kernel virtual machine) subsystem'skvm_apic_has_events function. A unprivileged local user could exploit thisflaw to cause a denial of service (system crash). (CVE-2015-4692) Daniel Borkmann reported a kernel crash in the Linux kernel's BPF filterJIT optimization. A local attacker could exploit this flaw...

USN-2679-1: Linux kernel (OMAP4) vulnerabilities Vulnerability

  • Severity: 4
  • Published: July 22, 2015

A flaw was discovered in the user space memory copying for the pipe iovecsin the Linux kernel. An unprivileged local user could exploit this flaw tocause a denial of service (system crash) or potentially escalate theirprivileges. (CVE-2015-1805) Daniel Borkmann reported a kernel crash in the Linux kernel's BPF filterJIT optimization. A l...

ELSA-2015-1483 Important: Oracle Linux libuser security update Vulnerability

  • Severity: 4
  • Published: July 22, 2015

Oracle Linux Security Advisory ELSA-2015-1483 http://linux.oracle.com/errata/ELSA-2015-1483.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libuser-0.60-7.el7_1.i686.rpm libuser-0.60-7.el7_1.x86_64.rpm libuser-devel-0.60-7.el7_1.i686.rpm libuser-devel-0.60-7.el7_1.x86_64...

USN-2682-1: Linux kernel (Utopic HWE) vulnerabilities Vulnerability

  • Severity: 4
  • Published: July 22, 2015

A flaw was discovered in the kvm (kernel virtual machine) subsystem'skvm_apic_has_events function. A unprivileged local user could exploit thisflaw to cause a denial of service (system crash). (CVE-2015-4692) A flaw was discovered in how the Linux kernel handles invalid UDPchecksums. A remote attacker could exploit this flaw to cause a d...

Amazon Linux AMI: Security patch for openssh (ALAS-2015-568) (CVE-2015-5352) Vulnerability

  • Severity: 4
  • Published: July 22, 2015

It was reported that when forwarding X11 connections with ForwardX11Trusted=no, connections made after ForwardX11Timeout expired could be permitted and no longer subject to XSECURITY restrictions because of an ineffective timeout check in ssh(1) coupled with "fail open" behavior in the X11 server when clients attempted connections with e...

RHSA-2015:1482: libuser security update Vulnerability

  • Severity: 4
  • Published: July 22, 2015

Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links ...

FreeBSD: wordpress -- XSS vulnerability (Multiple CVEs) Vulnerability

  • Severity: 4
  • Published: July 22, 2015

Gary Pendergast reports: WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. This was reported by Jon Cave and fixed by Robert Chapin, both of the WordPress security team. ...

USN-2680-1: Linux kernel (Trusty HWE) vulnerabilities Vulnerability

  • Severity: 4
  • Published: July 22, 2015

A flaw was discovered in the user space memory copying for the pipe iovecsin the Linux kernel. An unprivileged local user could exploit this flaw tocause a denial of service (system crash) or potentially escalate theirprivileges. (CVE-2015-1805) A flaw was discovered in the kvm (kernel virtual machine) subsystem'skvm_apic_has_events func...