Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash forwarder does not validate SSL/TLS certificates from the Logstash server, which might allow attackers to obtain sensitive information via...
Read Morentp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #,...
Read MoreThe snapshot API in Elasticsearch before 1.6.0 when another application exists on the system that can read Lucene files and execute code from them, is accessible by the attacker, and the Java VM on which Elasticsearch is running...
Read MoreAn information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user’s...
Read MoreData corruption vulnerability in firmware in Intel Solid-State Drive Professional PSF104P, PSF109P allows local users to cause a denial of service via unspecified vectors.
Read More