Gentoo Linux Security Advisory 201512-13 - Multiple vulnerabilities have been found in InspIRCd, the worst allowing remote attackers to execute arbitrary code. Versions less than 2.0.20 are affected.
8a035e9373b88f2b25418974f622c987585f0634fe3e1ff1d94594db35d1d590
Gentoo Linux Security Advisory 201512-12 - Data validation in KDE Systemsettings could lead to local privilege escalation. Versions less than 4.11.13-r1 are affected.
91304edd48f4a7a7ae01bc85cece56828a14e7579662d692209b42759637b4aa
Gentoo Linux Security Advisory 201512-11 - A buffer overflow in Firebird might allow remote attackers to execute arbitrary code. Versions less than 2.5.3.26780.0-r3 are affected.
ebf0cf5595dd71c229b90d80a98688f967ad738a36910c14c911ecb6c69d4a5a
Ganeti, an open source virtualization manager, suffers from multiple issues in its RESTful control interface (RAPI). The distributed replicated storage (DRBD) secret is leaked by the RAPI interface when job results are requested. With knowledge of this secret, a malicious user who has already gained access to the storage network of the cluster can retrieve instance data more easily and reliably. The RAPI interface is also vulnerable to a denial of service condition, triggered via SSL parameter renegotiation issued by a malicious client. The condition leads to resource exhaustion on the master node. Many versions are affected.
4908b0ea745ca775be075350bb329e3afa85d1d65858822a85447b0558240754
Gentoo Linux Security Advisory 201512-10 - Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. Versions less than 38.5.0 are affected.
8b345c71a57deda9f0a8d7eb50719b94a327aadac84155e9eb75aa9517d6449e
Gentoo Linux Security Advisory 201512-9 - Multiple vulnerabilities have been found in encfs, the worst of which can allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.7.5 are affected.
059fd7a6542979e2739e90c6041431fb44438c3c58dfcaefa4f76a62b9e4a468
Gentoo Linux Security Advisory 201512-8 - Multiple vulnerabilities have been found in ClamAV, possibly resulting in Denial of Service. Versions less than 0.98.7 are affected.
5fc32e294ea5ab2344bd65d50e0882eeb0563d3c852bd072b46c3325fb7d5d40
Gentoo Linux Security Advisory 201512-7 - A buffer overflow in GStreamer could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.5 are affected.
145e7553c78639ba0e110d473c1a22e00ef1d27a08c79f4ce075cec8ab3c03d4
Gentoo Linux Security Advisory 201512-6 - A buffer overflow vulnerability in MPFR could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 3.1.3_p4 are affected.
3555d219ed26c408bde4e5729317d80fae10d392f398829638bee4e18e6765a2
Red Hat Security Advisory 2015-2697-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
cf66ca97718395e208f26158dd4948c5061faf78290b77509496697890751210
Various 2.x releases of WebKitGTK+ suffer from over 130 vulnerabilities. These range from use-after-free to arbitrary code execution issues.
7dc30709125cb2db34abde329f80722cbf2938391b1c828a6de14fc02f27d91c
libtiff versions 4.0.6 and below suffer from a heap overflow vulnerability.
ddfd1c393297b02656c6af06e2fa4f16ca0f928fa45ec87e895588cb147b6756
_TIFFVGetField() in libtiff version 4.0.6 may write field data for certain extension tags to invalid or possibly arbitrary memory locations.
1e6ba94ed422d819e50f84dc63c80b976bb75c2ad64a24ec1ea61f3243511591
Slackware Security Advisory - New blueman packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue.
b81045c1c59f38a66a84e2269eace9046fe6f3ef352261ce1b8ae44564a998ef
Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.
5e3bb458b910caf3df07029b7035c054a9d5383037f88f0852d98c0852729c62
Debian Linux Security Advisory 3430-1 - Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or crash the application.
1cd62addcbd83058fe474f7cc4169937181e259f8c04cc1d6b1f8215dd00b999
WordPress NextGEN Gallery plugin version 2.1.10 suffers from a remote shell upload vulnerability.
c71fb2b79645cdc5f4d38e414f680173ec0b97d1f60ef3fde3e35e7b1d5b1dcf
Bugzilla Security Advisory - Bugzilla versions 2.x through 5.x suffer from cross-site scripting and information leak vulnerabilities.
db307f7a48f357ccec4e2df7650d49504073c143e214926e2c2f8d2de6b1ae54
EMC Secure Remote Services Virtual Edition is affected by a path traversal vulnerability. Attackers could potentially exploit this vulnerability to access unauthorized information by supplying specially crafted strings in input parameters of the application. Version 3.0x is affected.
8fdb353afde49d3288888cc3ee5c2a890947dbd3ba5aa6fc9be188b655ddf2f7
F-Secure's F-SecureOnlineScanner.exe suffers from a DLL hijacking vulnerability.
08c100af279ae10d50cc0185837958fbe38a62b8c7acd43735db62efeb0c9ab5
EMC VPLEX GeoSynchrony code level 5.5 and earlier contains an undocumented account that may potentially be utilized by malicious VPLEX users to gain unauthorized access to the system.
50bfb76922d4d30ee5c72d4c24b95090ef5578e1b5cac9b3aa9f356fb26b4e46
A heap overflow may occur in the giffix utility included in giflib-5.1.1 when processing records of the type IMAGE_DESC_RECORD_TYPE due to the allocated size of LineBuffer equaling the value of the logical screen width, GifFileIn->SWidth, while subsequently having GifFileIn->Image.Width bytes of data written to it.
14b8a675aca0e489675c477775d6737f0d432c6edb938c10feaa6a0bb0c1e016
Red Hat Security Advisory 2015-2696-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.
503cbc45cdc2f967fddc97f42c3cbcc07b370f89a3a3665b58d860c38d262596
Red Hat Security Advisory 2015-2695-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.
634b5c5d6653bee90c43413700903f911828f921ca8203b0d45a775a1c4ef7b4
Red Hat Security Advisory 2015-2694-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.
4e3e67c3d61bed804fd025dc4f5c0bcec19041a73d8307392711fe4ac6eb7d3c