[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256610

 
 

909

 
 

199263

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 82604 Download | Alert*

The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix: * procps-ng, procps: Local privilege escalation in top For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ...

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources * tomcat: Late application of security constraints can lead to resource exposure for unauthorised users * tomcat: Insecure defaults in CORS filter enable "supportsCredentia ...

Exempi provides a library for easy parsing of XMP metadata. It is a port of Adobe XMP SDK to work on UNIX and to be build with GNU automake. It includes XMPCore and XMPFiles. Security Fix: * exempi: Infinite Loop in Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp * exempi: Use after free via a PDF file containing JPEG data * exempi: Infinite loop in ASF_Support::ReadHeaderObject function i ...

The Archive::Tar module provides a mechanism for Perl scripts to manipulate tar archive files. Security Fix: * perl: Directory traversal in Archive::Tar For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this ...

The zziplib is a lightweight library to easily extract data from zip files. Security Fix: * zziplib: Bus error caused by loading of a misaligned address inzzip/zip.c * zziplib: Memory leak triggered in the function __zzip_parse_root_directory in zip.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pa ...

CVE-2017-12150: SMB1/2/3 connections may not require signing where they should Affected versions samba 3.0.25 to 4.6.7 Fixed in samba 4.6.8, 4.5.14 and 4.4.16

CVE-2017-9468: When receiving a DCC message without source nick/host, Irssi would attempt to dereference a NULL pointer. Fixed in Irssi 1.0.3 Reference Patch CVE-2017-9469: When receiving certain incorrectly quoted DCC files, Irssi would try to find the terminating quote one byte before the allocated memory. Fixed in Irssi 1.0.3 Reference Patch

Two path traversal flaws in awstats in awstats 7.6 and earlier, that could be leveraged for unauthenticated remote code execution.

CVE-2017-9468: When receiving a DCC message without source nick/host, Irssi would attempt to dereference a NULL pointer. Fixed in: Irssi 1.0.3 Reference: Patch; CVE-2017-9469: When receiving certain incorrectly quoted DCC files, Irssi would try to find the terminating quote one byte before the allocated memory. Fixed in: Irssi 1.0.3 Reference: Patch;

spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.


Pages:      Start    3716    3717    3718    3719    3720    3721    3722    3723    3724    3725    3726    3727    3728    3729    ..   8260

© SecPod Technologies