Security Advisories & Alerts

The Stack Clash – Linux root privilege escalation vulnerability

Description: The flaw was discovered last month by security researchers from Qualys, who worked with various vendors to make sure patches are available before going public with their findings. According to Qualys researchers, the issue affects a host of *NIX systems, such as Linux, OpenBSD, NetBSD, FreeBSD, and Solaris. Researchers...

Read more


Wireshark ‘dissectors/asn1/ros/packet-ros-template.c’ Denial of Service Vulnerability

Description: In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID. Impact: Attackers can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Mitigation: Upgrade to Wireshark 2.2.7 or later. Reference URL’s: http://www.securityfocus.com/bid/98800/info...

Read more


Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability

Description: Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations. Impact: An attacker can exploit this issue to...

Read more


Multiple Asterisk Products Denial of Service Vulnerability: CVE-2017-9359

Description: The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. Impact: Attackers can exploit...

Read more


Oracle Solaris CVE-2017-3622 Local Privilege Escalation Vulnerability

Description: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily “exploitable” vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result...

Read more


Page 1 of 1212345...10...Last »