[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43419 Download | Alert*

Ephemeral association time spoofing additional protectionntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim#039;s clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549 .Interleaved ...

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

An out-of-bounds write was discovered in fontforge while parsing SFD files containing very large LayerCount tokens. The flaw allows an attacker to overwrite data before a buffer allocated on the heap, thus causing the application to crash or execute arbitrary code

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-Encoding header * nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string * n ...

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-Encoding header * nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string * n ...

The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. Security Fix: * n ...

The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. Security Fix: * n ...

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs10-nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-Encoding header * nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate ...

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-Encoding header * nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate ...

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript , TrueType, OpenType and CID-keyed fonts. Security Fix: * fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page list ...


Pages:      Start    1151    1152    1153    1154    1155    1156    1157    1158    1159    1160    1161    1162    1163    1164    ..   4341

© SecPod Technologies