[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6530 Download | Alert*

Two vulnerabilities have been discovered in ISC"s BIND DNS server. CVE-2016-1285 A maliciously crafted rdnc, a way to remotely administer a BIND server, operation can cause named to crash, resulting in denial of service. CVE-2016-1286 An error parsing DNAME resource records can cause named to crash, resulting in denial of service.

Shayan Sadigh discovered a vulnerability in OpenSSH: If PAM support is enabled and the sshd PAM configuration is configured to read user- specified environment variables and the "UseLogin" option is enabled, a local user may escalate her privileges to root. In Debian "UseLogin" is not enabled by default.

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-3158, CVE-2016-3159 Jan Beulich from SUSE discovered that Xen does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors. A malicious domain can take advantage of this flaw to obtain address space usage a ...

Alexander Sulfrian discovered a buffer overflow in the yy_get_next_buffer function generated by Flex, which may result in denial of service and potentially the execution of code if operating on data from untrusted sources. Affected applications need to be rebuild. bogofilter will be rebuild against the updated flex in a followup update. Further affected applications should be reported at the bug r ...

It was reported that the update for flex as released in DSA-3653-1 did not completely address CVE-2016-6354 as intended due to problems in the patch handling and regenerated files during the build. Additionally a regression was introduced, causing new warnings when compiling flex generated code. Updated packages are now available to address these problems. For reference, the relevant part of the o ...

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-7777 Jan Beulich from SUSE discovered that Xen does not properly honor CR0.TS and CR0.EM for x86 HVM guests, potentially allowing guest users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on t ...

Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information leaks. In additional to the CVE identifiers listed above, this update also addresses the vulnerabilities announced as XSA-213, XSA-214 and XSA-215.

Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-5179 Yannic Boneberger discovered an error in the ServiceWorker implementation. CVE-2018-17462 Ned Williamson and Niklas Baumstark discovered a way to escape the sandbox. CVE-2018-17463 Ned Williamson and Niklas Baumstark discovered a remote code execution issue in the v8 javascript library. CVE-2018-17464 xisigr di ...

Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code.

Several security issues have been discovered in kde4libs, core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that there is a use-after-free flaw in handling certain DOM event handlers. This could lead to the execution of arbitrary code, when visiting a malicious website. It was discovered that there could ...


Pages:      Start    272    273    274    275    276    277    278    279    280    281    282    283    284    285    ..   652

© SecPod Technologies