Android suffers from a KASLR bypass in pm_qos.
e57d39b01d246ceb8c13456e2e06c50b7a9d4704cb145b0737118ed637b996fd
Mac OS / iOS kernels suffers from a use-after-free due to a lack of locking in host_self_trap.
71fb8aae34cb7c0d37a7f49a309f5a2dae66cfa5cdb219509169904461df04bc
Cisco WebEx version 1.0.5 suffers from a new arbitrary command execution vulnerability via a module whitelist bypass.
cca3ecf12e0dac1eb99404188e20bcca27a53567815273560c040946b9001609
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0
HTTP_Upload version 1.0.0b3 fails to appropriately take into consideration more than file extensions when mitigating malicious file uploads, allowing for remote code execution.
e323fe2a36bdc1ea0a49a45f10d4a5a86e92e82480c26d9d199a73052395b5c5
Debian Linux Security Advisory 3771-1 - Multiple security issues have been found in the Mozilla Firefox web errors may lead to the execution of arbitrary code, information disclosure or privilege escalation.
d99c14028fa61a63d267e44f38d8b8fc49fc7b2804ca31dec588fe86f9a620d1
Cisco Security Advisory - A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
b25ac4e0a30adf1e190b4cdde7f8af8749cd2dec6e09663e29c25b6921ea28a5
Cisco Security Advisory - A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient size validation of user-supplied data. An attacker could exploit this vulnerability by sending crafted H.224 data in Real-Time Transport Protocol (RTP) packets in an H.323 call. An exploit could allow the attacker to overflow a buffer in a cache that belongs to the received packet parser, which will result in a crash of the application, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
e38280c54046f87c9130ec4824a4152f839104804c03a19b62b8d53b7ab0c984
Cisco Security Advisory - A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability.
360234b583a96365ec769e58bf559cda974f2537dd62ac3a8ca202d463fbc744
Red Hat Security Advisory 2017-0196-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.
a44d2b242c7a37d563d6dc8f852849a2a378aba0acb3a1df5113f7c57b6564fa
Red Hat Security Advisory 2017-0195-01 - Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The following packages have been upgraded to a newer upstream version: ansible. Multiple security issues have been addressed.
bac2055a8a470e01e78a097989076d4fa34d7e209af203d4a6ff20e24979a08e
Mac OS and iOS kernels suffer from a memory corruption vulnerability due to a userspace pointer being used as a length.
0e21ab8bef04b55df21495e7a540f3e13300a9331dbcf4776f45dad00c8a3317
Android suffers from an RKP related memory corruption vulnerability in rkp_mark_adbd.
649722c7f67880c4ce089b2ce89d2f853771bbc7a6392616688f551b5c4956c1
Mac OS / iOS kernels suffer from a use-after-free due to a failure to take reference in IOService::matchPassive.
57adee4dbe381b4218e166f2027051025367d86e1a973643acee3ccb7042ec38
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
3078b4b7a9bb956e0a44e4ad72a286d5a8e2de11f5e58b9ba548208a568fd11f
OpenSSL Security Advisory 20170126 - If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. Other issues were also addressed.
457838ec233230687d717bc896db28bd57340df047d0575d696435c9376532d2