[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 307 Download | Alert*

A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nft_verdict_init() function, allowing positive values as a drop error within the hook verdict, therefore, the nf_hook_slow() function can cause a double-free vulnerability when NF_DROP is issued with a drop error that resembles NF_ACCEPT. The nf_tables component can be exploited to achieve local privilege esc ...

A flaw was found in the PostgreSQL JDBC Driver. A SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value.

A flaw was found in the Curl package. This flaw allows an attacker to insert cookies into a running program using libcurl if the specific series of conditions are met.

The host is installed with kernel through 3.18.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle keyctl commands that trigger access to a key structure member during garbage collection of a key. Successful exploitation allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified oth ...

The host is installed with kernel on Red Hat Enterprise Linux 7 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted microcode header. Successful exploitation could allow attackers to escalate privileges on the affected system.

The host is installed with kernel on RHEL 6, or 7 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle IRET faults in processing NMIs that occurred during userspace execution. Successful exploitation could allow attackers to gain privileges.

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of servi ...

A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack re ...

The host is installed with RHEL 6 or 7 and is prone to an out-of-bounds heap read vulnerability. A flaw is present in the application, which fails to handle a malformed input document. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is installed with Linux kernel through 3.17.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which miscalculates the number of pages during the handling of a mapping failure. Successful exploitation allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   30

© SecPod Technologies