[Forgot Password]
Login  Register Subscribe

24544

 
 

132176

 
 

121100

 
 

909

 
 

98726

 
 

148

 
 
Paid content will be excluded from the download.

Filter
Matches : 246 Download | Alert*

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges.

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges.

libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authenticate without any credentials.

This is a flaw in the Intel processor execution engine sharing on SMT (e.g. Hyper-Threading) architectures. It can result in leakage of secret data in applications such as OpenSSL that has secret dependent control flow at any granularity level. In order to exploit this flaw, the attacker needs to run a malicious process on the same core of the processor as the victim process.

openssh: scp client improper directory name validation

CVE-2019-6111 openssh: Improper validation of object names allows malicious server to overwrite files via scp client

CVE-2019-6110 openssh: Acceptance and display of arbitrary stderr allows for spoofing of scp client output

CVE-2019-6109 openssh: Missing character encoding in progress display allows for spoofing of scp client output.

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data.

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their offic ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   24

© SecPod Technologies