[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15178 Download | Alert*

Read access violation in the isiin_keyword function in isiin.c in libbibutils.a in bibutils through 6.2 allows remote attackers to cause a denial of service , as demonstrated by isi2xml.

NULL pointer dereference in the _fields_add function in fields.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service , as demonstrated by end2xml.

An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of other users" icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user"s $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this locatio ...

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script "mount.cifs.wrapper" uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards .

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. Arbitrary unmounts can be performed by regular users via directory traversal sequences such as a home/../sys/kernel substring.

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating the domain parameter of the samba URL.

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp `mpOk` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere by passing directory traversal sequences such as a home/../usr substring.

webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.

In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function . Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.


Pages:      Start    1063    1064    1065    1066    1067    1068    1069    1070    1071    1072    1073    1074    1075    1076    ..   1517

© SecPod Technologies