[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

125990

 
 

909

 
 

104883

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 3939 Download | Alert*

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM guest user to crash the guest or potentially escalate their privileges. CVE-2018-8897 Nick Peterson of ...

Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could result in denial of service. CVE-2018-10472 Anthony Perard discovered that incorrect parsing of CDROM i ...

OSS-fuzz, assisted by Max Dymond, discovered that cURL, an URL transfer library, could be tricked into reading data beyond the end of a heap based buffer when parsing invalid headers in an RTSP response.

The Qualys Research Labs discovered multiple vulnerabilities in procps, a set of command line and full screen utilities for browsing procfs. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-1122 top read its configuration from the current working directory if no $HOME was configured. If top were started from a directory writable by the attacker this cou ...

Alexander Peslyak discovered that insufficient input sanitising of RFB packets in LibVNCServer could result in the disclosure of memory contents.

Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email. Details can be found in the upstream advisory at https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html

Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email. Details can be found in the upstream advisory at https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html

Danny Grander discovered a directory traversal flaw in plexus-archiver, an Archiver plugin for the Plexus compiler system, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted Zip archive.

It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys.

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site request forgery or information disclosure.


Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   393

© SecPod Technologies