Monthly Archive: October 2016

Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before...

The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause...

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak. Date published : 2016-10-07 http://www.securityfocus.com/bid/72768 http://www.securityfocus.com/archive/1/534755/100/1600/threaded

Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks...

The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file. Date published : 2016-10-07 http://www.securityfocus.com/bid/93038...

Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a...

Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell...

The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a...

The lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) before 2015 SP5 and 2016 before R1 SP1, as used by Citrix License Server for Windows before 11.14.0.1 and Citrix License Server VPX...

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions...

Pagure 2.2.1 XSS in raw file endpoint Date published : 2016-10-07 https://pagure.io/pagure/c/070d63983fe5daef92005ea33d3b8c693c224c77.patch

Mirror Manager version 0.7.2 and older is vulnerable to remote code execution in the checkin code. Date published : 2016-10-07 https://github.com/fedora-infra/mirrormanager2/commit/2e227f6023477cbdbefd577f15d0846aa40c8775.patch https://github.com/fedora-infra/mirrormanager2/commit/eb9b542bc818071b9eee41c3583b7e6e172b3a53.patch

flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect Date published : 2016-10-07 https://github.com/puiterwijk/flask-oidc/blob/master/flask_oidc/__init__.py#L293

Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash)...