Crypto++ through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory after an assertion failure, as demonstrated by reading a core dump.

In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads.

Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.

The host is installed with Google Chrome before 107.0.5304.68 and is prone to an insufficient data validation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

The host is installed with Google Chrome before 107.0.5304.68 and is prone to an insufficient data validation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability.

An issue was discovered in GNU libcdio-dev before 2.0.0. There is a double free in get_cdtext_generic in lib/driver/_cdio_generic.c.

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states "We understand that the OpenSSH developers do not want to treat such a username enumeration as a vulnerability."

gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution.

The host is installed with Oracle WebLogic Server component in Oracle WebLogic Server 12.2.1.3 or 12.2.1.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Third Party Tools (jackson-databind). Successful exploitation can cause unspecified impact.



© SecPod Technologies