[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6585 Download | Alert*

It was reported that the apache2 update released as DSA 4509-1 incorrectly fixed CVE-2019-10092. Updated apache2 packages are now available to correct this issue. For reference, the relevant part of the original advisory text follows. CVE-2019-10092 Matei Mal Badanoiu reported a limited cross-site scripting vulnerability in the mod_proxy error page.

Multiple security issues were discovered in python-pil, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed PCX, FLI, SGI or TIFF images are processed.

It was discovered that PyJWT, a Python implementation of JSON Web Token performed insufficient validation of some public key types, which could allow a remote attacker to craft JWTs from scratch.

It was discovered that the bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment AS_PATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity.

It was discovered that the TLS server in Erlang is vulnerable to an adaptive chosen ciphertext attack against RSA keys.

Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-1000024 Louis Dion-Marcil discovered that Squid does not properly handle processing of certain ESI responses. A remote server delivering certain ESI response syntax can take advantage of this flaw to cause a denial of s ...

OSS-fuzz, assisted by Max Dymond, discovered that cURL, an URL transfer library, could be tricked into reading data beyond the end of a heap based buffer when parsing invalid headers in an RTSP response.

Alex Rousskov from The Measurement Factory discovered that Squid3, a fully featured web proxy cache, does not properly handle errors for certain malformed HTTP responses. A remote HTTP server can exploit this flaw to cause a denial of service .

Several vulnerabilities were discovered in imlib2, an image manipulation library. CVE-2011-5326 Kevin Ryde discovered that attempting to draw a 2x1 radi ellipse results in a floating point exception. CVE-2014-9771 It was discovered that an integer overflow could lead to invalid memory reads and unreasonably large memory allocations. CVE-2016-3993 Yuriy M. Kaminskiy discovered that drawing using co ...

Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-1238 John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory and potentially leading to pr ...


Pages:      Start    255    256    257    258    259    260    261    262    263    264    265    266    267    268    ..   658

© SecPod Technologies