[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43419 Download | Alert*

The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging stylesheet commands that are permitted by the libxslt security ...

libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the tiff2pdf tool. ...

Multiple vulnerabilities has been discovered and corrected in postgresql: Permissions on a function called by a trigger are not properly checked . SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities . Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_ ...

Multiple vulnerabilities has been discovered and corrected in libtiff: libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code . Multiple integer overflow flaws, ...

Multiple vulnerabilities has been discovered and corrected in postgresql: Prevent access to external files/URLs via contrib/xml2's xslt_process . libxslt offers the ability to read and write both files and URLs through stylesheet commands, thus allowing unprivileged database users to both read and write data with the privileges of the database server. Disable that through proper use of libxsl ...

A vulnerability has been discovered and corrected in postgresql: PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service or read sensitive ...

KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to cr ...

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A buffer overflow flaw was found in the way the Linux kernel"s XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a special ...

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernel"s journal_unmap_buffer function handled buffer head states. On systems that have an ext4 file system with a journal mounted, a local, unprivileged user could use this flaw to cause a denial of service. * A flaw was fo ...

KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A malicious user ...


Pages:      Start    1212    1213    1214    1215    1216    1217    1218    1219    1220    1221    1222    1223    1224    1225    ..   4341

© SecPod Technologies