
A vulnerability in the handling of normalization with modrdn was discovered in libldap-2.4-2, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service via a specially crafted packet.

It was discovered that raptor2, an RDF parser library, is prone to heap-based buffer overflow flaws, which could result in denial of service, or potentially the execution of arbitrary code, if a specially crafted file is processed.

It was discovered that a boundary check in libexif, a library to parse EXIF files, could be optimised away by the compiler, resulting in a potential buffer overflow.

Two vulnerabilities were discovered in python-moinmoin, a Python clone of WikiWiki. CVE-2020-15275: Catarina Leite discovered that python-moinmoin is prone to a stored XSS vulnerability via SVG attachments. CVE-2020-25074: Michael Chapman discovered that python-moinmoin is prone to a remote code execution vulnerability via the cache action.

Ken Gaillot discovered a vulnerability in the Pacemaker cluster resource manager: If ACLs were configured for users in the "haclient" group, the ACL restrictions could be bypassed via unrestricted IPC communication, resulting in cluster-wide arbitrary code execution with root privileges. If the "enable-acl" cluster option isn't enabled, members of the "haclient" group can m ...

Demi Obeneour discovered that unbounded recursion in the ASN1 parser of libkrb5 could result in denial of service.

Two vulnerabilities were discovered in libproxy, an automatic proxy configuration management library, which could result in denial of service, or possibly, execution of arbitrary code.

Jan-Niklas Sohn discovered that the XKB extension of the Xorg X server performed incomplete input validation, which could result in privilege escalation.

David Benjamin discovered a flaw in the GENERAL_NAME_cmp function which could cause a NULL dereference, resulting in denial of service. Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20201208.txt

It was discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could cause out-of-bounds reads or infinite loops, resulting in denial of service when processing malformed deb files.



© SecPod Technologies