
It was found that the Archive::Tar module did not properly sanitize symbolic links when extracting tar archives. An attacker, able to provide a specially crafted archive for processing, could use this flaw to write or overwrite arbitrary files in the context of the Perl interpreter.

An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service via crafted XMP data in a .avi file. An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service or possibly have unspecified other impact via a .pdf file containing JPEG data, ...

An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack. In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in __zzip_fetch_disk_trailer. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip fi ...

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report, as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox CVE-2021-23968

This update for libxml2 fixes the following issues: - CVE-2022-29824: Fixed integer overflow leading to out-of-bounds write in buf.c and tree.c. - CVE-2017-16932: Prevent infinite recursion in parameter entities.

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.8.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-08 * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect * CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect ...

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small file - Buffer over-read in unRAR code due to missing max value checks in table initialization - Libmspack heap buff ...

This update for ghostscript fixes the following issues: - CVE-2018-10194: The set_text_distance function did not prevent overflows in text-positioning calculation, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.

This update for perl fixes the following issues: - CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files

This update for gpg2 fixes the following issues: * CVE-2018-9234: Fixed unenforced configuration allows for apparently valid certifications actually signed by signing subkeys.



© SecPod Technologies