Ubuntu Security Notice 1992-1 - An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory.
fee2014bd298fc59f037cb42a0648e8986000f07a2494dd7c010b2a81e15e98f
Ubuntu Security Notice 1999-1 - Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.
46dfbbb3131e008fbc18c11154dae6142610f2973f8a2894f93585d6defc7ba8
Ubuntu Security Notice 1998-1 - An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kernel. A physically proximate attacker could exploit this flaw to execute arbitrary code or cause a denial of service (heap memory corruption) via a specially crafted device that provides an invalid Report ID. Various other issues were also addressed.
6fe1ea254476a5b155997999ca06779d4d5cc86acc30e3d6c9312115df1ff8e8
Ubuntu Security Notice 1997-1 - Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.
b4163dd4a3d390dd6e4e06d33615c68368b4f3bb18f9e7317255408e917671a0
A stack-based buffer overflow and a kernel memory disclosure vulnerability have been discovered in the system call handlers of the camera driver for Android.
5e4baafc3b719ae7fddd0675ed808b960988f0436701a0308d0d5005f17017a3
Debian Linux Security Advisory 2783-1 - Several vulnerabilities were discovered in Rack, a modular Ruby webserver interface.
3c392a1375e3aa987daddb2c193f9928f448bd6e8ece3459581735e59e24c6f5
Debian Linux Security Advisory 2781-1 - A cryptographic vulnerability was discovered in the pseudo random number generator in python-crypto.
6695a6576586dea915a7c65e935fc8c86b16417e40a9f3b27fa899ac2231fddf
Red Hat Security Advisory 2013-1448-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.
03fa7e52d5b3150d12a62cd92687cd74e25829acb9a583514ad4089323ece6f9
Red Hat Security Advisory 2013-1447-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine. The class loader did not properly check the package access for non-public proxy classes. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine.
a4a9467ade7fa361d330fec6175a9960c1af594161dadf75c30566556438330a
Ubuntu Security Notice 1991-1 - It was discovered that the GNU C Library incorrectly handled the strcoll() function. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. It was discovered that the GNU C Library incorrectly handled multibyte characters in the regular expression matcher. An attacker could use this issue to cause a denial of service. It was discovered that the GNU C Library incorrectly handled large numbers of domain conversion results in the getaddrinfo() function. An attacker could use this issue to cause a denial of service. Various other issues were also addressed.
9a3faf4d014c0ecc32760724cade9dbcc4a41d949e21274c41bba46d64866b9f
Debian Linux Security Advisory 2782-1 - Multiple security issues have been discovered in PolarSSL, a lightweight crypto and SSL/TLS library.
97680e92d317bf31d647c5abadc604617e0328ccc9f37594fbd9fec713ac66a5
Slackware Security Advisory - New hplip packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2013-4325.
d51789595e74cd6d927413448faf207d8b136de73fc3d59e6680590ccc5769c8
Slackware Security Advisory - New libtiff packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2012-2088, CVE-2012-2113, CVE-2012-4447, CVE-2012-4564, CVE-2013-1960, CVE-2013-1961, CVE-2013-4231, CVE-2013-4232, CVE-2013-4244.
8efbfdf677fa9982c5f47aeec194dfc0fddb0fe6852beca1661e63d8b3687b4b
Apache Sling versions 1.1.2 and below suffer from an open redirect vulnerability.
ee270abce05743ee02362386f6d83b6a0c357df5e869edb7ce72edc6ced89f5b
glibc version 2.5 suffers from a crash bug due to relocation types.
163fcff7cbfeb2e0da5ae7c5f567ee8309c8399af6b50ef32484366325637dfc
VMware Security Advisory 2013-0012 - VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities.
f12f7718cd809d06b660ac50220f6d10a650005791eca8e30c22bada4c7bb911
Debian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.
997866fcbe06e5a0d3d671cad421d631798c370aa8d68534717d905391eee5f0
Mandriva Linux Security Advisory 2013-256 - Apache mod_fcgid before version 2.3.9 fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
d20d575cf387a12cb1f1fe8d514bb5a5a16afb37a8356c7288310330372f7c28
Mandriva Linux Security Advisory 2013-255 - A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances. Physically proximate attackers could use this flaw, for example, to obtain unauthorized access to a gnome-shell session right after system resume.
318c161bad22c9578dac995bb0cc50a71769a4b20ec80a826c602730c6f8d7cc
Mandriva Linux Security Advisory 2013-254 - Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2. Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.
0eb2cd82b2ff838ef4aa7c6c1c69bfa24d50a5ce038cbd73a1f91cf1c12c3ccd
Mandriva Linux Security Advisory 2013-252 - A non-privileged user who was able to run jobs or log in to a node which ran pbs_server or pbs_mom could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root.
87c892b0b1b0a63846d8440441847718da90b4e6dd6559a8e5add5f37afae24d
Mandriva Linux Security Advisory 2013-251 - A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote attacker could entice a user to open a specially crafted dump file using Aircrack-ng, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
9f962c6db1691c45e7d78d3ba814af35373f15b3e5781028fde68b9a4696daab
Mandriva Linux Security Advisory 2013-253 - Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code.
0a2884cd915d053154e7234d410fd1981f2e9addf730ab07f929b35a77ceddd2
Bugzilla Security Advisory - Multiple cross site scripting and cross site request forgery vulnerabilities have been discovered and addressed in various versions of Bugzilla.
943bffbd4c59491956254e396c5dddc10c25b0b775de07d14bd90dac0cbf7118
Apache has announced the release of the Struts 2.3.15.3 framework, which addresses multiple security issues, including a broken access control issue.
298a85c71d878d7cffa115e7f986c8ab93495c936ad88dded1f9d2a6aa07d358