[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80802 Download | Alert*

Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom discovered that Libgcrypt is prone to a local side-channel attack allowing full key recovery for RSA-1024. See https://eprint.iacr.org/2017/627 for details.

Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom discovered that GnuPG is prone to a local side-channel attack allowing full key recovery for RSA-1024.

Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-12837 Jakub Wilk reported a heap buffer overflow flaw in the regular expression compiler, allowing a remote attacker to cause a denial of service via a specially crafted regular expression with the case-insensi ...

It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened.

Nick Wellnhofer discovered that certain function calls inside XPath predicates can lead to use-after-free and double-free errors when executed by libxml2"s XPath engine via an XSLT transformation.

Two vulnerabilities were discovered in Libtasn1, a library to manage ASN.1 structures, allowing a remote attacker to cause a denial of service against an application using the Libtasn1 library.

Joonun Jang discovered several problems in wavpack, an audio compression format suite. Incorrect processing of input resulted in several heap- and stack-based buffer overflows, leading to application crash or potential code execution.

A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities handle Shell Archives. An attacker with control on the input of the unshar command, could crash the application or execute arbitrary code in the its context.

Harry Sintonen discovered that wget, a network utility to retrieve files from the web, does not properly handle "\r\n" from continuation lines while parsing the Set-Cookie HTTP header. A malicious web server could use this flaw to inject arbitrary cookies to the cookie jar file, adding new or replacing existing cookie values.

It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys.


Pages:      Start    3229    3230    3231    3232    3233    3234    3235    3236    3237    3238    3239    3240    3241    3242    ..   8080

© SecPod Technologies