[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

146533

 
 

909

 
 

117189

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 27 Download | Alert*

The host is installed with Apache Tomcat 9.x before 9.0.31, 7.x before 7.0.100 or 8.5.x before 8.5.51 and is prone to an AJP request injection vulnerability. A flaw is present in application, which fails to properly handle a regression introduced due to refactoring. Successful exploitation allows remote attackers to execute code.

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ip_reass() routine while reassembling incoming packets if the first fragment is bigger than the m->m_dat[] buffer. An attacker could use this flaw to crash the QEMU process on the host, resulting in a Denial of Service or potentially executing arbitrary code with privileges o ...

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.

A flaw was found in samba when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside of the share.

A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction.

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

The host is installed with MySQL 5.1.73 and earlier on Centos 6, mariadb 5.5.50 and earlier on Centos 7 or MySQL 5.0.95 and earlier on Centos 5 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle MySQL logging functions. Successful exploitation allows remote attackers to execute arbitrary code.

CVE-2019-6109 openssh: Missing character encoding in progress display allows for spoofing of scp client output.

CVE-2019-6110 openssh: Acceptance and display of arbitrary stderr allows for spoofing of scp client output

CVE-2019-6111 openssh: Improper validation of object names allows malicious server to overwrite files via scp client


Pages:      Start    1    2    ..   2

© SecPod Technologies