Download
| Alert*
CVE-2016-0742
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. CVE-2016-0747 The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. CVE-2014-9089 Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to view_all_set.php. CVE-1999-0038 Buffer overflow in xlock program allows local users to execute commands as root. CVE-1999-0389 Buffer overflow in the bootp server in the Debian Linux netstd package. CVE-1999-0914 Buffer overflow in the FTP client in the Debian GNU/Linux netstd package. CVE-2018-19200 An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function. |