The latest CVEs

2017-02-24
CVE-2017-5669 Linux Linux kernel
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.

CVE-2016-9009 IBM Websphere mq
IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.

CVE-2016-9975 IBM Dashboard application services...
IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1998714.

CVE-2016-2226 GNU Libiberty
Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.

CVE-2016-4041 Plone Plone
Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV requests, which allows remote attackers to gain webdav access via unspecified vectors.

CVE-2016-4042 Plone Plone
Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.

CVE-2016-4487 GNU Libiberty
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."

CVE-2016-4488 GNU Libiberty
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."

CVE-2016-4489 GNU Libiberty
Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."

CVE-2016-4490 GNU Libiberty
Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.


Copyright 2017, cxsecurity.com