Red Hat Security Advisory 2015-1947-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.4 release serves as a replacement for JBoss Operations Network 3.3.3, and includes several bug fixes.
7985f8504d33b5359d0cb1b9da5f140779f3d93b6e6829d74931ef9435d3af97Ubuntu Security Notice 2786-1 - It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service.
0de206bddf6f35ef3942536eb6df967551a94280864aed5e1211e819163b1d07Ubuntu Security Notice 2784-1 - Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Various other issues were also addressed.
361521e12f4d7dea04ff6a4125094f31c67ae544ce4049867b34c71e1fdf5cbeDebian Linux Security Advisory 3381-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, or denial of service.
ae67427fbd3a22aba6a14d7520425068fe4eb2167df41840936e47c3f096d239Debian Linux Security Advisory 3380-1 - Two vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
73cc38128f5ff928532c8919b7f83e0b4029dbbcbad507a06238d5213b1a3b4dSerendipity version 2.0.2 suffers from a stored cross site scripting vulnerability.
bafb55dacc02a9d144ad9401ff63b71c1218bf0cd283d5b42f8f20c2e6d803e4The Samsung m2m1shot driver framework is used to provide hardware acceleration for certain media functions, such as JPEG decoding and scaling images. The driver endpoint (/dev/m2m1shot_jpeg) is accessible by the media server. The Samsung S6 Edge is a 64-bit device, so a compatibility layer is used to allow 32-bit processes to provide structures that are expected by the 64-bit driver. There is a stack buffer overflow in the compat ioctl for m2m1shot.
b0c5900d4ce52a323271b9224cc5fd02fc37af255afea06a937e89a8d81fdecdThe Samsung Graphics 2D driver (/dev/fimg2d) is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains a locking error which can lead to memory errors (such as use-after-free) due to a race condition.
a3f38084cb1d4d13978aaba6602e9965fb1df0bed4c3c2f913708f75b9b78245The Exynos Seiren Audio driver has a device endpoint (/dev/seiren) that is accessible by either the system user or the audio group (such as the mediaserver). It was found that the write() implementation for this driver contains a buffer overflow vulnerability that overflows a static global buffer.
faf34e337128765e7e7cd244e5054952422e46472fdd20baad4de151245624d7The SecEmailComposer/EmailComposer application used by the Samsung S6 Edge has an exported service action to do quick replies to emails. It was found that this action required no permissions to call, and could lead to an unprivileged application gaining access to email content.
594870b3ae98a33494d0b1c1cfe743d48fcdc6e5eb9a57bb9891ab2068f4be75
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed