[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 307 Download | Alert*

A flaw was found in the scp program shipped with the openssh-clients package. An attacker having the ability to scp files to a remote server, could execute arbitrary commands on the remote server by including the command as a part of the filename being copied on the server. This command is run with the permissions of user with which the files were copied on the remote server. The highest threat fr ...

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perfor ...

A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nft_verdict_init() function, allowing positive values as a drop error within the hook verdict, therefore, the nf_hook_slow() function can cause a double-free vulnerability when NF_DROP is issued with a drop error that resembles NF_ACCEPT. The nf_tables component can be exploited to achieve local privilege esc ...

A flaw was found in the PostgreSQL JDBC Driver. A SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value.

A flaw was found in the Curl package. This flaw allows an attacker to insert cookies into a running program using libcurl if the specific series of conditions are met.

The host is installed with kernel through 3.18.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle keyctl commands that trigger access to a key structure member during garbage collection of a key. Successful exploitation allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified oth ...

The host is installed with kernel on Red Hat Enterprise Linux 7 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted microcode header. Successful exploitation could allow attackers to escalate privileges on the affected system.

The host is installed with kernel on RHEL 6, or 7 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle IRET faults in processing NMIs that occurred during userspace execution. Successful exploitation could allow attackers to gain privileges.

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   30

© SecPod Technologies