[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 196303 Download | Alert*

Frediano Ziglio of Red Hat discovered a race condition flaw in spice"s worker_update_monitors_config function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service or, potentially execute arbitrary code on the host with the privileges of the hosting QEMU process.

Frediano Ziglio of Red Hat discovered several vulnerabilities in spice, a SPICE protocol client and server library. A malicious guest can exploit these flaws to cause a denial of service , execute arbitrary code on the host with the privileges of the hosting QEMU process or read and write arbitrary memory locations on the host.

Multiple vulnerabilities have been discovered in LibreOffice, a full-featured office productivity: CVE-2015-4551 Federico Scrinzi discovered an information leak in the handling of ODF documents. Quoting from https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/: The LinkUpdateMode feature controls whether documents inserted into Writer or Calc via links will either not get update ...

Michal Kowalczyk discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands. The oldstable distribution is not affected.

Adam Chester discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands.

Michal Kowalczyk and Adam Chester discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands.

Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code.

Andreas Schneider reported that libssh2, a SSH2 client-side library, passes the number of bytes to a function that expects number of bits during the SSHv2 handshake when libssh2 is to get a suitable value for "group order" in the Diffie-Hellman negotiation. This weakens significantly the handshake security, potentially allowing an eavesdropper with enough resources to decrypt or intercept SSH sess ...

Lael Cellier discovered two buffer overflow vulnerabilities in git, a fast, scalable, distributed revision control system, which could be exploited for remote execution of arbitrary code.

A heap corruption vulnerability was discovered in net-snmp, a suite of Simple Network Management Protocol applications, triggered when parsing the PDU prior to the authentication process. A remote, unauthenticated attacker can take advantage of this flaw to crash the snmpd process or, potentially, execute arbitrary code with the privileges of the user running snmpd.


Pages:      Start    11293    11294    11295    11296    11297    11298    11299    11300    11301    11302    11303    11304    11305    11306    ..   19630

© SecPod Technologies