[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 5607 Download | Alert*

The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtu ...

RealtimeKit is a D-Bus system service that changes the scheduling policy of user processes/threads to SCHED_RR on request. It is intended to be used as a secure mechanism to allow real-time scheduling to be used by normal user processes. It was found that RealtimeKit communicated with PolicyKit for authorization using a D-Bus API that is vulnerable to a race condition. This could have led to inte ...

RubyGems is the Ruby standard for publishing and managing third-party libraries. It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks. It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently do ...

The libtar package contains a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to ...

gc is a Boehm-Demers-Weiser conservative garbage collector for C and C++. It was discovered that gc"s implementation of the malloc and calloc routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc and calloc routines, a remote attacker could provide specially crafted application- ...

Pixman is a pixel manipulation library for the X Window System and Cairo. An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with th ...

OpenJPEG is an open source library for reading and writing image files in JPEG 2000 format. Multiple heap-based buffer overflow flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Multiple denial o ...

This package contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure . It was found that a subordinate Certificate Authority mis-issued an intermediate certificate, which could be used to conduct man-in-the-middle attacks. This update renders that particular intermediate certificate as untrusted. All users should upgrade to this up ...

Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. It was found that a subordinate Certificate Authority mis-issued an intermediate certificate, which could be used to conduct man-in-the-middle attacks. This update renders that particular intermediate certificate as untrusted. Note: This fix only ...

OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way OpenSSL determined which hashing algorithm to use when TLS protocol version 1.2 was enabled. This could possibly cause OpenSSL to use an incorrect hashing algorithm, leading to a crash of an application ...


Pages:      Start    375    376    377    378    379    380    381    382    383    384    385    386    387    388    ..   560

© SecPod Technologies