[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 10984 Download | Alert*

The host is installed with Gitlab-ee 10.5.x through 12.3.8, 12.4.x through 12.4.5 or 12.5.x through 12.5.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a issue in the Group Search API provided by the Elasticsearch integration. Successful exploitation allows attackers to diclose private code, when transferring a public project ...

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.

A microarchitectural timing flaw was found on some Intel processors. In a corner case where data in-flight during the eviction process can end up in the fill buffers and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

The host is installed with libXfixes 5.0 or earlier and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted vectors related to the XFixesGetCursorImage function. Successful exploitation could allow attackers to lead to a heap-based buffer overflow.

The host is installed with libXext before 1.3.2 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions. Successful exploitation could allow ...

The host is installed with libXv before 1.0.8 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle crafted vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function. Successful exploitation could allow attackers to trigger allocation of insufficient memory and a buffer overflow.

The host is installed with libXv before 1.0.8 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle crafted length or index values. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is installed with libXinerama before 1.1.3 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle crafted vectors related to the XineramaQueryScreens function. Successful exploitation could allow attackers to trigger allocation of insufficient memory and a buffer overflow.

The host is installed with libXcursor 1.1.13 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle crafted vectors related to the _XcursorFileHeaderCreate function. Successful exploitation could allow attackers to trigger allocation of insufficient memory and a buffer overflow.


Pages:      Start    655    656    657    658    659    660    661    662    663    664    665    666    667    668    ..   1098

© SecPod Technologies