[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

116471

 
 

909

 
 

91176

 
 

140

 
 
Paid content will be excluded from the download.

Filter
Matches : 3293 Download | Alert*

A remote code execution vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-002

A remote code execution vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-004

This update provides mitigations for the Spectre v4 variant in x86-based micro processors. On Intel CPUs this requires updated microcode which is currently not released publicly . For servers with AMD CPUs no microcode update is needed, please refer to https://xenbits.xen.org/xsa/advisory-263.html for further information.

This update ships updated CPU microcode for some types of Intel CPUs and provides SSBD support and fixes for "Spectre v3a".

This update ships updated CPU microcode for additional models of Intel CPUs which were not yet covered by the Intel microcode update released as DSA-4273-1

Magnus Klaaborg Stubman discovered a NULL pointer dereference bug in net-snmp, a suite of Simple Network Management Protocol applications, allowing a remote, authenticated attacker to crash the snmpd process .

Chris Coulson discovered a use-after-free flaw in the GNOME Display Manager, triggerable by an unprivileged user via a specially crafted sequence of D-Bus method calls, leading to denial of service or potentially the execution of arbitrary code.

Two vulnerabilities have been found in the PostgreSQL database system: CVE-2018-10915 Andrew Krasichkov discovered that libpq did not reset all its connection state during reconnects. CVE-2018-10925 It was discovered that some "CREATE TABLE" statements could disclose server memory. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/ne ...

James Davis discovered two issues in Django, a high-level Python web development framework, that can lead to a denial-of-service attack. An attacker with control on the input of the django.utils.html.urlize function or django.utils.text.Truncator"s chars and words methods could craft a string that might stuck the execution of the application.

It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525.


Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   329

© SecPod Technologies