[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

254492

 
 

909

 
 

198541

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 82183 Download | Alert*

It was discovered that libvncserver0, a collection of libraries used to implement VNC/RFB clients and servers, incorrectly processed incoming network packets. This resulted in several heap-based buffer overflows, allowing a rogue server to either cause a DoS by crashing the client, or potentially execute arbitrary code on the client side.

Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. Multiple heap overflows, out-of-bound writes and reads, NULL pointer dereferences and infinite loops could be exploited by tricking a user into opening a maliciously crafted winmail.dat file.

Several vulnerabilities were discovered in BIND, a DNS server implementation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-3136 Oleg Gorokhov of Yandex discovered that BIND does not properly handle certain queries when using DNS64 with the "break-dnssec yes;" option, allowing a remote attacker to cause a denial-of-service. CVE-2017-3137 It ...

It was discovered that podbeuter, the podcast fetcher in newsbeuter, a text-mode RSS feed reader, did not properly escape the name of the media enclosure , allowing a remote attacker to run an arbitrary shell command on the client machine. This is only exploitable if the file is also played in podbeuter.

It was discovered that gunicorn, an event-based HTTP/WSGI server was susceptible to HTTP Response splitting.

The unzip utility is used to list, test, and extract files from zip archives. Security Fix: * unzip: overlapping of files in ZIP container leads to denial of service For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on ch ...

Poppler is a Portable Document Format rendering library, used by applications such as Evince. The evince packages provide a simple multi-page document viewer for Portable Document Format , PostScript , Encapsulated PostScript files, and, with additional back-ends, also the Device Independent File format files. Security Fix: * poppler: integer overflow in Parser::makeStream in Parser.cc * poppl ...

Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: Slirp: potential OOB access due to unsafe snprintf usages For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related in ...

The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing "desktop" environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent ...

The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing "desktop" environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent ...


Pages:      Start    3299    3300    3301    3302    3303    3304    3305    3306    3307    3308    3309    3310    3311    3312    ..   8218

© SecPod Technologies