The DxgkDdiEscape handler for 0x70001b2 doesn't do proper bounds checks for its variable size input.
3f0707279202aa000fc87188c9423545af5ea5238e8a0a0747d912d04badb09d
The DxgkDdiEscape handler for 0x700010d accepts a user provided pointer as the destination for a memcpy call, without doing any checks on said pointer.
00028040fc1696111b53b38186779858df513b4aa81a7ab2a7c1d708f6b717c5
The DxgkDdiEscape handler for 0x600000D passes an unchecked user provided pointer as the destination for a memcpy call. This leads to kernel memory corruption.
88df8868b62f20e6af812714d8f4fbc7c341957f6633b3258e0389967bc4db8e
A logic issue in launchd message requeuing allows arbitrary mach message control. Mac OS X version 10.11.6 is affected.
0c4a95bb9942e2aa50c7ff4c3ea1baae30e2d99475cd575f65c1e1f70c6285a5
NVIDIA escape code leaks uninitialized ExAllocatePoolWithTag memory to userspace.
f708d6be27d7323b5b92bfefe4673bcc69a708dc90f8c96a6211dd65b7f7b009
Multiple memory safety issues exist in Mac OS X and iOS inside of mach_ports_register.
164ada40109fdf8bff76ff09d76b270061f06289e2e74b857944849bdf5cb42e
NVIDIA's UVMLiteController ioctl handling in nvlddmkm.sys failed to provide proper length checking.
35df092ce423d70fd6bbcf76399d366b6e2c33dd7474e617edb4a4aae54093e8
The DxgkDdiEscape handler for 0x7000194 doesn't do bounds checking with the user provided lengths it receives. When these lengths are passed to memcpy, overreads and memory corruption can occur.
fe4199c90270a4da962ed45b45ddf04bfdf0f113751182e41c3f39b735a8f2c9
Debian Linux Security Advisory 3701-2 - The update for nginx issued as DSA-3701-1 to address CVE-2016-1247 introduced a packaging issue, which prevents nginx from being reinstalled or upgraded to a subsequent release. Updated packages are now available to address this problem.
c6f8c4c108e93298ad8357b758fb00ddea690c42be17e52b058750dde9d4d075
Red Hat Security Advisory 2016-2124-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
583c9262cd833df9ea9a6338f42e103bcfcb9dc8eee2293a0d6668ad40f068a1
Lupusec XT1 alarm system version 1.0.80 suffers from cross site request forgery, cross site scripting, insecure transit, and denial of service vulnerabilities.
fbecfed3f109bd160d9f55aa41dc3945ae1969cf15d279a1575d8d43d248f32f
K7 TotalSecurity version 15.1.0.289 suffers from an unquoted service path privilege escalation vulnerability.
e4e1925f14069c34fd9fc8d74cd27e0486f57e239bc7f945c34c0d26c4af622b
Ubuntu Security Notice 3112-1 - Catalin Dumitru discovered that URLs of resources loaded after a navigation start could be leaked to the following page via the Resource Timing API. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to obtain sensitive information. Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard, Steve Fink, Tyson Smith, and Carsten Book discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
b8d665c1a846400e1f7e964a15a632b19104b1717e44ba9ec8f2ec975496481e
Panda Internet Security version 17.0.1 suffers from an unquoted service path privilege escalation vulnerability.
85c6106ae7d20271fb395f192579ec70aa06342ae7d88ad6c992ceda7befb047
Apple Security Advisory 2016-10-27-3 - iTunes 12.5.2 for Windows is now available and addresses information disclosure and code execution vulnerabilities.
7837c6aba83c29572d902438c64faefb1b3d10d188308858e81f998ce2d4c8a1
Apple Security Advisory 2016-10-27-2 - iCloud for Windows v6.0.1 is now available and addresses input validation and memory corruption vulnerabilities.
e6b2f11e487a13140de9459c76fdb0c2c16e535686e8418040177a9a2db898d1
IObit Uninstaller version 6.0.2.156 suffers from an unquoted service path privilege escalation vulnerability.
447134b844e1efc83b8c50c6c0e26f3c7afd3d86c54102d0f962ec0c22554e43
Apple Security Advisory 2016-10-27-1 - Xcode 8.1 is now available and addresses code execution vulnerabilities.
df4e9e18d07031af03162429c5cf5f429609a92fcbc73263b3a265198afd9ef3
The bulletin summary for October 2016 has been updated to include an additional out-of-band bulletin, MS16-128.
0c3532bb83dda985a21572cb64d52961cc762b700e7fc383723f46b26c70262b
WonderShare Filmora version 7.5.0 suffers from a dll hijacking vulnerability.
3f776e347660267a429faf6e4144c2837a7e4ba0bf215d2e647f9b3d2675c8f7
Vivaldi version 1.4.589.11 suffers from a DLL hijacking vulnerability.
cf886466c9c1d14450df4d7944e36410e55f380f972d4348a5d0cf7c1a15d39f
VideoCharge Studio suffers from a DLL hijacking vulnerability.
1e836755b711a0b91fabb7ee064fa9c854ec157c63a0c2254ac4530dd2b6bd3b
ABT Blog version 2.0 suffers from a database disclosure vulnerability.
7c6375cb0f74c04acd20b88fd2f00b9bf454663c2c184a063dace58525d2f8c6
Red Hat Security Advisory 2016-2120-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
21400fd9d46011e6214b97dde47b05d64f82b4980dfff20736f6091bc98770c2
Red Hat Security Advisory 2016-2119-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.643. Security Fix: This update fixes one vulnerability in Adobe Flash Player. This vulnerability, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
624a157feed85f8362a2172a09e51473198385362994b73ebaf3945b3e57e548