[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 44042 Download | Alert*

This update for xdg-utils fixes the following issues: Security issue: - CVE-2017-18266: Fix an argument injection when BROWSER contains %s .

This update for perl-Archive-Zip fixes the following security issue: - CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could have used this flaw to write or overwrite arbitrary files in the context of the perl interpreter .

This update for patch fixes several issues. These security issues were fixed: - CVE-2018-1000156: patch: Malicious patch files cause ed to execute arbitrary commands . - CVE-2014-9637: Prevent DoS by remote attackers via a crafted diff file . - CVE-2016-10713: Prevent out-of-bounds access within pch_write_line that could have lead to DoS via a crafted input file . - CVE-2010-4651: Fixed a directo ...

The libsndfile package was updated to fix the following security issue: - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service . - CVE-2015-7805: Fixed heap overflow issue .

Weak ElGamal key parameters in PublicKey/ElGamal.py allow attackers to obtain sensitive information by reading ciphertext:lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data . The Decisional Diffie-Hellman assumption does not hold for PyCrypto's ElGamal implementatio ...

Malicious patch files cause ed to execute arbitrary commandsGNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD#039;s CVE-2015-1418 however although they share a common ...

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim"s system

LFTP is a file transfer utility for File Transfer Protocol , Secure File Transfer Protocol , Hypertext Transfer Protocol , and other commonly used protocols. It uses the readline library for input, and provides support for bookmarks, built-in monitoring, job control, and parallel transfer of multiple files at the same time. Security Fix: * lftp: particular remote file names may lead to current wor ...

bsh: Java scripting environment BeanShell could be made to run programs if it processed specially crafted input.

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zeroconf Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, see printers to print to, and find shared files on other computers. Hugo Dias discovered a ...


Pages:      Start    4225    4226    4227    4228    4229    4230    4231    4232    4233    4234    4235    4236    4237    4238    ..   4404

© SecPod Technologies