[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80963 Download | Alert*

CVE-2017-14746: Use-after-free vulnerability. Affected Versions: All versions of Samba from 4.0.0 onwards. Fixed In: Samba 4.7.3, 4.6.11 and 4.5.15

CVE-2017-12893: Buffer over-read in smbutil.c:name_len in SMB/CIFS parser CVE-2017-12894: Buffer over-read in addrtoname.c:lookup_bytestring CVE-2017-12895: Buffer over-read in print-icmp.c:icmp_print in ICMP parser CVE-2017-12896: Buffer over-read in print-isakmp.c:isakmp_rfc3948_print in ISAKMP parser CVE-2017-12897: Buffer over-read in print-isoclns.c:isoclns_print in ISO CLNS parser CVE-2017-1 ...

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an E ...

A coding mistake was found in TLS Certificate Status Request extension feature that asks for a fresh proof of the server"s certificate"s validity in the code that checks for a test success or failure. It ends up always thinking there"s valid proof, even when there is none or if the server does not support the TLS extension in question. Contrary to how it used to function and contrary to how this f ...

CVE-2017-10965: When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. Fixed In: Irssi 1.0.4

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect.

An integer overflow vulnerability in nginx range filter module in ngx_ function was found, potentially resulting in memory disclosure when used with 3rd party modules. Issue can be triggered by specially crafted http range request resulting into leaking the content of the cache file header. Affected versions:¶ nginx 0.5.6 - 1.13.2. Fixed In Version:¶ nginx 1.13.3, nginx 1.12.1 Reference: ...

CVE-2017-9611: The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

There were two bugs in curl"s parser for the command line option --write-out that would skip the end of string zero byte if the string ended in a % or \ , and it would read beyond that buffer in the heap memory and it could then potentially output pieces of that memory to the terminal or the target file etc. Affected versions 6.5 to and including 7.53.1 Not affected versions = 7.54.0

Improper sequencing during cleanup operations of upstream recursion fetch contexts in BIND can lead to a use-after-free error, triggering an assertion failure and crash in named. Affected BIND versions acting as DNSSEC validating resolvers are currently known to crash with an assertion failure in netaddr.c due to this bug. Affected versions 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 ...


Pages:      Start    3477    3478    3479    3480    3481    3482    3483    3484    3485    3486    3487    3488    3489    3490    ..   8096

© SecPod Technologies