Ubuntu Security Notice 3015-1 - Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code.
e10fd246dad11166feb241b4d648306e287802ffdbc7819c5b565dcb57d21be3
Red Hat Security Advisory 2016-1376-01 - Red Hat JBoss SOA Platform is the next-generation ESB and business process automation infrastructure. Red Hat JBoss SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
bc0ba25e24a6861d8b1b621296d58137fc8a9bd92ad08063291c68432d9bd996
Debian Linux Security Advisory 3611-1 - The TERASOLUNA Framework Development Team discovered a denial of service vulnerability in Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications. A remote attacker can take advantage of this flaw by sending file upload requests that cause the HTTP server using the Apache Commons Fileupload library to become unresponsive, preventing the server from servicing other requests.
8063f2fceed2ffb108fdb433edb8aa47a61a755d3a99c08fb9ab864029de4cdf
Debian Linux Security Advisory 3610-1 - Brandon Perry discovered that xerces-c, a validating XML parser library for C++, fails to successfully parse a DTD that is deeply nested, causing a stack overflow. A remote unauthenticated attacker can take advantage of this flaw to cause a denial of service against applications using the xerces-c library.
1f894b4a8b46f7ea26ba4c7e1e986dae118351e027465bbd76eee0989c28c308
Ubuntu Security Notice 3022-1 - It was discovered that LibreOffice incorrectly handled RTF document files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.
8ae390a08fb00115285a78feeee55a76b9fb90b69d2d0153911e8f6d45b6f559
Debian Linux Security Advisory 3608-1 - Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed documented is opened.
3b3ec3f622f1f01c4413241a511b9a03e1b2a5e8126b4b15ab0699876e43f2d8
Debian Linux Security Advisory 3609-1 - Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections, bypass of the SecurityManager or denial of service.
dc0dfa37ac8428b022149f7007f8c04701baa05b455c582b2b3162c0543ee491
Red Hat Security Advisory 2016-1374-01 - JBoss Portal Platform provides an integrated open source platform for hosting and serving a portal's web interface, aggregating, publishing, and managing its content, and personalizing its experience. This asynchronous patch is a security update for JGroups package in Red Hat JBoss Portal Platform 6.2. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
286af024f9c96f19f6b30409bb512c0b84c72342914a566e0e893e47f30c5daf
Cisco Security Advisory - A vulnerability in the application programming interface (API) of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to access and control the API resources. The vulnerability is due to improper input validation of HTTP requests for unauthenticated URIs. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected URIs. Successful exploitation of this vulnerability could allow the attacker to upload malicious code to the application server or read unauthorized management data, such as credentials of devices managed by Cisco Prime Infrastructure or EPNM. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
d0b0c19d2084d83adcd843eacd5cecd81c4f0fd26216c696cb82928bdf546af5
Cisco Security Advisory - A vulnerability in the Lightweight Directory Access Protocol (LDAP) authentication for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to an improper implementation of LDAP authentication. An attacker could exploit this vulnerability by logging into a targeted device that is configured for LDAP authentication. Successful exploitation of this vulnerability could grant the attacker full administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
26cd55b3d740082746010b9e65acfbd03032ecef581282395e0724041de995a0
Cisco Security Advisory - A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to log in to the device with a default account. This account does not have full administrator privileges. The vulnerability is due to a user account that has a default and static password. This account is created during installation. An attacker could exploit this vulnerability by connecting either locally or remotely to the affected system. A successful exploit could allow the attacker to log in to the device using the default account. The default account allows the execution of a subset of command-line interface (CLI) commands that would allow the attacker to partially compromise the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
bd90d90c1c62d42440a8570739723b548b56f9bbafe0011d76ac4d94ce367aa0
The Xerces-C XML parser fails to successfully parse a DTD that is deeply nested, and this causes a stack overflow, which makes a denial of service attack against many applications possible by an unauthenticated attacker. Apache Xerces-C XML Parser library versions prior to 3.1.4 are affected.
a0b966184480f64c7fc857680e37cc670d35cc9e4cccf14b0d26c6528bbbdd5a
Concrete5 versions 5.7.3.1 and below suffer from multiple cross site request forgery vulnerabilities.
baf7f093a6b164bb4963ba1136f5cebe78f38d52676c96cbadced44aa534cacd
Debian Linux Security Advisory 3607-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
0d223b304d17753a1ce52094557c77094582be1a5339c862d34ee91a630a21d9
Red Hat Security Advisory 2016-1345-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
2fc622331271f6afa73eb4f7e48d1d066bc6cbbf159a462885b921ad6608bee7
Ubuntu Security Notice 3016-4 - USN-3016-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.
8b422961da61bd3f40b99e99fad351371bb6609bb98f432f77cc11d8d554d24b
Ubuntu Security Notice 3017-3 - USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.
a1beb623f5e33a2e8c161fd6cca966622aa0882f56c90c2404ac48f36c15fc9b
Ubuntu Security Notice 3021-2 - Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service (system crash). Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
a1920ccfc4f4c6e5f276bfd5d75431b8b3ae7cb57f8387df52a131fbfbe2120f
Ubuntu Security Notice 3021-1 - Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service (system crash). Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
a58aea903cc903ad65202dc2ce64c473a75d915b0fa02a508452f77673343643
Gentoo Linux Security Advisory 201606-19 - Kwalletd password stores are vulnerable to codebook attacks. Versions less than 4.14.3-r2 are affected.
ea592a530bcb697a8742eb3a0b6c8b5ba892f26c30d3e70a01ddfbf99e837986
Gentoo Linux Security Advisory 201606-18 - Multiple vulnerabilities have been found in IcedTea allowing remote attackers to affect confidentiality, integrity, and availability through various vectors. Versions less than 7.2.6.6-r1 are affected.
ebdd1b365bfa8f378b59b53cf2276953c442ce0a028d0eab48f33412fe350ecf
Ubuntu Security Notice 3020-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
54f83afa154640f8024df9abd28aa401d3608933d58a98291d2ff9437c61ffc3
Ubuntu Security Notice 3018-2 - USN-3018-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.
967ed36586a074ad56c5537a86344439a141220272f76359ff378d22c3a93cd7
Ubuntu Security Notice 3019-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
9290b489b84336a68219bbf34af20a42bbcb89266e0f5470f3726d9949ced727
Ubuntu Security Notice 3018-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
19b9ec27b0226f3c7b7630645b541791cdab6e5d2596d808843adf1e12571f08