[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256610

 
 

909

 
 

199263

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 82604 Download | Alert*

Two errors in the "asn1_find_node" function within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.

CVE-2016-4476 : denial of service via crafted WPA/WPA2 passphrase parameter. wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service via a crafted WPS operation.

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crashor possible code execution. Fixed In Version: augeas 1.8.1

CVE-2017-9611: The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

CVE-2017-14746: Use-after-free vulnerability. Affected Versions: All versions of Samba from 4.0.0 onwards. Fixed In: Samba 4.7.3, 4.6.11 and 4.5.15

CVE-2017-12893: Buffer over-read in smbutil.c:name_len in SMB/CIFS parser CVE-2017-12894: Buffer over-read in addrtoname.c:lookup_bytestring CVE-2017-12895: Buffer over-read in print-icmp.c:icmp_print in ICMP parser CVE-2017-12896: Buffer over-read in print-isakmp.c:isakmp_rfc3948_print in ISAKMP parser CVE-2017-12897: Buffer over-read in print-isoclns.c:isoclns_print in ISO CLNS parser CVE-2017-1 ...

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an E ...

A coding mistake was found in TLS Certificate Status Request extension feature that asks for a fresh proof of the server"s certificate"s validity in the code that checks for a test success or failure. It ends up always thinking there"s valid proof, even when there is none or if the server does not support the TLS extension in question. Contrary to how it used to function and contrary to how this f ...

CVE-2017-10965: When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. Fixed In: Irssi 1.0.4

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect.


Pages:      Start    3721    3722    3723    3724    3725    3726    3727    3728    3729    3730    3731    3732    3733    3734    ..   8260

© SecPod Technologies