[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 44042 Download | Alert*

memcached: high-performance memory object caching system Memcached could be made to crash if it received specially crafted network traffic.

tcpflow: TCP flow recorder tcpflow could be made to crash or expose sensitive information over the network if it opened a specially crafted file or received specially crafted network traffic.

Rich Mirch discovered that the pg_ctlcluster script didn"t drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

postgresql-common: PostgreSQL database-cluster manager postgresql-common could be made to create arbitrary directories.

libapache2-mod-auth-mellon: SAML 2.0 authentication module for Apache Several security issues were fixed in mod_auth_mellon.

The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. Security Fix: * mod_auth_mellon: open redirect in logout url when using URLs with backslashes For more details about the security issue, including the impact, a CVSS ...

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. Security F ...

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Security Fix: * haproxy: Out-of-bounds read in HPACK decoder For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Tim Dusterhus and Willy Tarreau for reporti ...

This update fixes the following issues: - CVE-2018-1059: The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable. .

This update for perl-Archive-Zip fixes the following security issue: - CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could have used this flaw to write or overwrite arbitrary files in the context of the perl interpreter


Pages:      Start    4224    4225    4226    4227    4228    4229    4230    4231    4232    4233    4234    4235    4236    4237    ..   4404

© SecPod Technologies