[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with appropriate privilege to create tables in one database to read and manipulate data in tables later cr ...

A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server"s Tcl regular expression engine. This flaw can result in an infinite loop when processing certain regular expressions. The updated packages have been patched to correct these issues.

Multiple vulnerabilities has been found and corrected in openssl: The implementation of Cryptographic Message Syntax and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack adaptive chosen ciphertext attack . The mime_param_cmp function in cryp ...

Multiple security issues were identified and fixed in OpenJDK : Fix issues in java sound . Fix in AtomicReferenceArray . Add property to limit number of request headers to the HTTP Server . Incorect checking for graphics rendering object . Multiple unspecified vulnerabilities allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors . Better input parameter ...

A vulnerability has been found and corrected in openssl: A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers . The updated packages have been patched to correct this issue.

A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio that affects S/MIME or CMS applications using the built in MIME parser SMIME_read_PKCS7 or SMIME_read_CMS . The updated packages have been patched to correct this issue.

Multiple vulnerabilities has been found and corrected in perl: Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service via a crafted Unicode string, which triggers a heap-based buffer overflow . Eval injection in the Digest module before 1.17 for Perl allo ...

Multiple vulnerabilities has been identified and fixed in php: The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server . Note: this was fixe ...

It was discovered that the fix for CVE-2012-2110 was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue.

A vulnerability has been found and corrected in openssl: OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108 . The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been ...


Pages:      Start    26    27    28    29    30    31    32    33    34    35    36    37    38    39    ..   182

© SecPod Technologies