[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251625

 
 

909

 
 

196370

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 81110 Download | Alert*

It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user is dragging a specific file or map to a location to extract to.

Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication and hostapd . CVE-2019-13377 A timing-based side-channel attack against WPA3"s Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password. CVE-2019-16275 Insufficient source address validation for some received Management frames in hostapd could lead to a denial o ...

Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID - -1 or 4294967295. This could allow a user with sufficient sudo privileges to run commands as root even if the Runa ...

A buffer overflow was found in file, a file type classification tool, which may result in denial of service or potentially the execution of arbitrary code if a malformed CDF file is processed.

A use-after-free was found in libarchive, a multi-format archive and compression library, which could result in denial of service and potentially the execution of arbitrary code is a malformed archive is processed.

Multiple integer overflows have been discovered in the libtiff library and the included tools.

Multiple vulnerabilities were discovered in cURL, an URL transfer library. CVE-2019-5436 A heap buffer overflow in the TFTP receiving code was discovered, which could allow DoS or arbitrary code execution. This only affects the oldstable distribution . CVE-2019-5481 Thomas Vegas discovered a double-free in the FTP-KRB code, triggered by a malicious server sending a very large data block. CVE-2019- ...

Several vulnerabilities have been found in the libtiff5-dev library, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.

A buffer overflow was discovered in the Aspell spell checker, which could result in the execution of arbitrary code.

The advisory is missing the security advisory description. For more information please visit the reference link


Pages:      Start    3239    3240    3241    3242    3243    3244    3245    3246    3247    3248    3249    3250    3251    3252    ..   8110

© SecPod Technologies