[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6585 Download | Alert*

Two vulnerabilities have been found in the PostgreSQL database system: CVE-2018-10915 Andrew Krasichkov discovered that libpq did not reset all its connection state during reconnects. CVE-2018-10925 It was discovered that some CREATE TABLE statements could disclose server memory. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1878/

Dariusz Tytko, Michal Sajdak and Qualys Security discovered that OpenSSH, an implementation of the SSH protocol suite, was prone to a user enumeration vulnerability. This would allow a remote attacker to check whether a specific user account existed on the target server.

Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite. Problems in the parsing and verification of RSA signatures could lead to a Bleichenbacher-style low-exponent signature forgery in certificates and during IKE authentication. While the gmp plugin doesn"t allow arbitrary data after the ASN.1 structure ...

Frediano Ziglio reported a missing check in the script to generate demarshalling code in the SPICE protocol client and server library. The generated demarshalling code is prone to multiple buffer overflows. An authenticated attacker can take advantage of this flaw to cause a denial of service , or possibly, execute arbitrary code.

Two vulnerabilities were discovered in cURL, an URL transfer library. CVE-2018-16839 Harry Sintonen discovered that, on systems with a 32 bit size_t, an integer overflow would be triggered when a SASL user name longer than 2GB is used. This would in turn cause a very small buffer to be allocated instead of the intended very huge one, which would trigger a heap buffer overflow when the buffer is us ...

Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. CVE-2018-18312 Eiichi Tsukata ...

It was discovered that incorrect processing of very high UIDs in Policykit, a framework for managing administrative policies and privileges, could result in authentication bypass.

A vulnerability was found in the WPA protocol implementation found in wpa_supplication and hostapd . The EAP-pwd implementation in hostapd and wpa_supplicant doesn"t properly validate fragmentation reassembly state when receiving an unexpected fragment. This could lead to a process crash due to a NULL pointer derefrence. An attacker in radio range of a station or access point with EAP-pwd suppo ...

User Arminius discovered a vulnerability in Vim, an enhanced version of the standard UNIX editor Vi . The Common vulnerabilities and exposures project identifies the following problem: Editors typically provide a way to embed editor configuration commands which are executed once a file is opened, while harmful commands are filtered by a sandbox mechanism. It was discovered that the source command ...

The update for vim released as DSA 4467-1 introduced a regression which broke syntax highlighting in some circumstances. Updated vim packages are now available to correct this issue.


Pages:      Start    253    254    255    256    257    258    259    260    261    262    263    264    265    266    ..   658

© SecPod Technologies