[Forgot Password]
Login  Register Subscribe

24547

 
 

132803

 
 

127844

 
 

909

 
 

105823

 
 

152

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 437 Download | Alert*

The host is installed with Acrobat DC Classic or Acrobat Reader DC Classic before 2015.006.30499, Acrobat DC Continuous or Acrobat Reader DC Continuous before 2019.012.20036, Acrobat 2017 or Acrobat Reader 2017 before 2017.011.30144 and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could lea ...

The host is installed with Acrobat DC Classic or Acrobat Reader DC Classic before 2015.006.30499, Acrobat DC Continuous or Acrobat Reader DC Continuous before 2019.012.20036, Acrobat 2017 or Acrobat Reader 2017 before 2017.011.30144 and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could lea ...

An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files, aka 'Git for Visual Studio Elevation of Privilege Vulnerability'.

An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user. To exploit the vulnerability, an authenticated attacker would need to modify Git configuration files on a system prior to a full installation of the application. The a ...

Microsoft Visual Studio 2019 (16.2) is installed

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU.

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   43

© SecPod Technologies