Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories

Security Advisories

Here you'll find the latest security advisories from various Vendors.
Page: 123456 out of 751

ICU regression | USN-2522-2 | March 06, 2015

» CVE-2013-1569 High: Unspecified vulnerability in the Java (10.00)

libjpeg-turbo 1.3.1 updates | FEDORA-2015-2580 | March 06, 2015
Security fix for CVE-2014-9092

gnupg 1.4.19 updates | FEDORA-2015-2893 | March 06, 2015
New upstream v1.4.19 - Use ciphertext blinding for Elgamal decryption [CVE-2014-3591] - Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837]

Important qemu-kvm-rhev security update | RHSA-2015:0643-01 | March 05, 2015
This issue was found by Paolo Bonzini of Red Hat.

Important redhat-access-plugin-openstack security update | RHSA-2015:0645-01 | March 05, 2015
Red Hat would like to thank Sara Perez Merino of SensePost for reporting this issue.

Low openstack-glance security and bug fix update | RHSA-2015:0644-01 | March 05, 2015
Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Tushar Patil of NTT as the original reporter.

Important thunderbird security update | RHSA-2015:0642-01 | March 05, 2015
An information leak flaw was found in the way Thunderbird implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the co

Critical firefox security update | RHSA-2015:0629-01 | March 05, 2015
An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the conten

Moderate hivex security, bug fix, and enhancement update | RHSA-2015:0301-02 | March 05, 2015
Red Hat would like to thank Mahmoud Al-Qudsi of NeoSmart Technologies for reporting this issue.

Low libvirt security, bug fix, and enhancement update | RHSA-2015:0323-02 | March 05, 2015
It was discovered that the virDomainSnapshotGetXMLDesc() and virDomainSaveImageGetXMLDesc() functions did not sufficiently limit the usage of the VIR_DOMAIN_XML_SECURE flag when fine-grained ACLs were

Low httpd security, bug fix, and enhancement update | RHSA-2015:0325-02 | March 05, 2015
A NULL pointer dereference flaw was found in the way the mod_cache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP

Moderate glibc security and bug fix update | RHSA-2015:0327-02 | March 05, 2015
It was found that the files back end of Name Service Switch (NSS) did not isolate iteration over an entire database from key-based look-up API calls. An application performing look-ups on a database w

Low pcre security and enhancement update | RHSA-2015:0330-02 | March 05, 2015
This update also adds the following enhancement:

Important qemu-kvm security, bug fix, and enhancement update | RHSA-2015:0349-01 | March 05, 2015
An uninitialized data structure use flaw was found in the way the set_pixel_format() function sanitized the value of bits_per_pixel. An attacker able to access a guest's VNC console could use this fla

Moderate libreoffice security, bug fix, and enhancement update | RHSA-2015:0377-01 | March 05, 2015
A flaw was found in the OLE (Object Linking and Embedding) generation in LibreOffice. An attacker could use this flaw to embed malicious OLE code in a LibreOffice document, allowing for arbitrary code

Moderate ppc64-diag security, bug fix, and enhancement update | RHSA-2015:0383-01 | March 05, 2015
The ppc64-diag packages have been upgraded to upstream version 2.6.7, which provides a number of bug fixes and enhancements over the previous version including support for hot plugging of QEMU PCI dev

Low powerpc-utils security, bug fix, and enhancement update | RHSA-2015:0384-01 | March 05, 2015
The powerpc-utils packages have been upgraded to the upstream version 1.2.24, which provides a number of bug fixes and enhancements over the previous version. (BZ#1088539, BZ#1167865, BZ#1161552)

Important 389-ds-base security, bug fix, and enhancement update | RHSA-2015:0416-02 | March 05, 2015
It was found that when the nsslapd-unhashed-pw-switch 389 Directory Server configuration option was set to "off", it did not prevent the writing of unhashed passwords into the Changelog. Thi

Moderate openssh security, bug fix and enhancement update | RHSA-2015:0425-02 | March 05, 2015
It was found that when OpenSSH was used in a Kerberos environment, remote authenticated users were allowed to log in as a different user if they were listed in the ~/.k5users file of that user, potent

Moderate virt-who security, bug fix, and enhancement update | RHSA-2015:0430-01 | March 05, 2015
Red Hat would like to thank Sal Castiglione for reporting this issue.

Moderate krb5 security, bug fix and enhancement update | RHSA-2015:0439-01 | March 05, 2015
A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi

Moderate ipa security, bug fix, and enhancement update | RHSA-2015:0442-01 | March 05, 2015
Note: The IdM version provided by this update no longer uses jQuery.

Important kernel security, bug fix, and enhancement update | RHSA-2015:0290-01 | March 05, 2015
* It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged us

Low GNOME Shell security, bug fix, and enhancement update | RHSA-2015:0535-01 | March 05, 2015
This update also fixes the following bugs:

Important qemu-kvm-rhev security, bug fix, and enhancement update | RHSA-2015:0624-01 | March 05, 2015
An uninitialized data structure use flaw was found in the way the set_pixel_format() function sanitized the value of bits_per_pixel. An attacker able to access a guest's VNC console could use this fla

Page: 123456 out of 751

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »