
CVE-2016-0736: Padding Oracle in Apache mod_session_crypto Affects: 2.4.1 to 2.4.23 Fixed in: 2.4.25

CVE-2016-10195: dns remote stack overread vulnerability. Fixed in libevent 2.1.6

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. Reference:

There were two bugs in curl's parser for the command line option --write-out that would skip the end of string zero byte if the string ended in a % or \, and it would read beyond that buffer in the heap memory and it could then potentially output pieces of that memory to the terminal or the target file etc. Affected versions: 6.5 to and including 7.53.1 Not affected versions: = 7.54.0

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that data with a pointer and the size to the deliver-data function. Affected versions: libcurl 7.20.0 to and including 7.56.0 Not affected versions: libcurl = 7.56.1

An integer overflow vulnerability in nginx range filter module in ngx_ function was found, potentially resulting in memory disclosure when used with 3rd party modules. The issue can be triggered by a specially crafted HTTP range request, resulting in leaking the content of the cache file header. Affected versions: nginx 0.5.6 - 1.13.2. Fixed In Version: nginx 1.13.3, nginx 1.12.1.

An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability. Fixed In Version: libsoup 2.59.90.1, libsoup 2.58.2, libsoup 2.56.1

Subversion's mod_dontdothat module and clients using are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack, otherwise known as the "billion laughs attack", targets XML parsers and can cause the targeted process to consume an excessive amount of CPU resources or memory. Fixed In Version: subversion 1.8.17, subversion 1.9.5 Reference:

An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability. Fixed In Version: libsoup 2.59.90.1, libsoup 2.58.2, libsoup 2.56.1



© SecPod Technologies