[Forgot Password]
Login  Register Subscribe

24547

 
 

132804

 
 

129694

 
 

909

 
 

106691

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 254 Download | Alert*

It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this flaw to escape the -dSAFER protection in order to, for example, have access to the file system and execute commands.

It was found that libreoffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.

The host is installed with ntp on Red Hat Enterprise Linux 6 or 7 and is prone to an information leak vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation after several attempts could allow attackers to disclose sensitive information

The host is installed with ntp on Red Hat Enterprise Linux 6 or 7 and is prone to an information leak vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation after several attempts could allow attackers to disclose sensitive information

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

The host is installed with Graphviz 2.34.0 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle vectors related to a "badly formed number" and a "long digit list". Successful exploitation allows remote attackers to have unspecified impact.

The host is installed with Graphviz 2.34.0 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long line in a dot file. Successful exploitation allows remote attackers to have unspecified impact.

libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authenticate without any credentials.

The host is installed with krb5 package on Red Hat Enterprise Linux 7 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted client request. Successful exploitation could allow attackers to bypass an intended preauthentication requirement.

The host is installed with qt 4.6.3 or earlier and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed request. Successful exploitation could allow attackers to crash the service.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   25

© SecPod Technologies