udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.
Category Archives: Security
CVE-2014-9922
The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.
php-horde-Horde-Crypt-2.7.6-1.el7
**Horde_Crypt 2.7.6**
* [mjr] SECURITY: Fix remote code execution vulnerability (**CVE-2017-7413**, and **CVE-2017-7414**).
php-horde-Horde-Crypt-2.7.6-1.fc26
**Horde_Crypt 2.7.6**
* [mjr] SECURITY: Fix remote code execution vulnerability (**CVE-2017-7413**, and **CVE-2017-7414**).
php-horde-Horde-Crypt-2.7.6-1.el6
**Horde_Crypt 2.7.6**
* [mjr] SECURITY: Fix remote code execution vulnerability (**CVE-2017-7413**, and **CVE-2017-7414**).
php-horde-Horde-Crypt-2.7.6-1.fc25
**Horde_Crypt 2.7.6**
* [mjr] SECURITY: Fix remote code execution vulnerability (**CVE-2017-7413**, and **CVE-2017-7414**).
php-horde-Horde-Crypt-2.7.6-1.fc24
**Horde_Crypt 2.7.6**
* [mjr] SECURITY: Fix remote code execution vulnerability (**CVE-2017-7413**, and **CVE-2017-7414**).
CVE-2017-7412
NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands.
Vuln: IBM Business Process Manager CVE-2017-1140 Cross Site Scripting Vulnerability
DSA-3826 tryton-server – security update
It was discovered that the original patch to address CVE-2016-1242 did
not cover all cases, which may result in information disclosure of file
contents.