[Forgot Password]
Login  Register Subscribe

24547

 
 

132803

 
 

127844

 
 

909

 
 

105823

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 3976 Download | Alert*

Chris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code.

Chris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code.

Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL.

Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL.

Dominik Penner discovered that Kconfig, the KDE configuration settings framework, supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file arbitrary commands could get executed. This update removes this feature.

Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection,

Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API. Additionally the libvirt"s cpu map was updated to make addressing CVE-2018-3639, CVE-2017-5753, CVE-2017-5715, C ...

Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API. Additionally the libvirt"s cpu map was updated to make addressing CVE-2018-3639, CVE-2017-5753, CVE-2017-5715, C ...

Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.

Alexander Peslyak discovered that insufficient input sanitising of RFB packets in LibVNCServer could result in the disclosure of memory contents.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   397

© SecPod Technologies