|Paid content will be excluded from the download.
| Matches : 3074
|It was discovered that specific APL RR data could trigger an INSIST failure in apl_42.c and cause the BIND DNS server to exit, leading to a denial-of-service.
Markus Krell discovered that xymon, a network- and applications-monitoring system, was vulnerable to the following security issues: CVE-2016-2054 The incorrect handling of user-supplied input in the "config" command can trigger a stack-based buffer overflow, resulting in denial of service or remote code execution. CVE-2016-2055 The incorrect handling of user-supplied input in the " ...
It was reported that the update for flex as released in DSA-3653-1 did not completely address CVE-2016-6354 as intended due to problems in the patch handling and regenerated files during the build. Additionally a regression was introduced, causing new warnings when compiling flex generated code. Updated packages are now available to address these problems. For reference, the relevant part of the o ...
Lukas Reschke discovered that Apache Jackrabbit, an implementation of the Content Repository for Java Technology API, did not correctly check the Content-Type header on HTTP POST requests, enabling Cross-Site Request Forgery attacks by malicious web sites.
Several vulnerabilities were discovered in wordpress, a web blogging tool, which could allow remote attackers to compromise a site via cross-site scripting, cross-site request forgery, path traversal, or bypass restrictions.
Bjoern Jacke discovered that Exim, Debian"s default mail transfer agent, may leak the private DKIM signing key to the log files if specific configuration options are met.
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases of Thunderbird. Support for the 45.x series has ended, so starting with this update we"re now following the 52.x releases.
It was discovered that YADIFA, an authoritative DNS server, did not sufficiently check its input. This allowed a remote attacker to cause a denial-of-service by forcing the daemon to enter an infinite loop.
Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed.
Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. The Common Vulnerabilities and Exposures project identifies the following problems: Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length, which allows spoofing of authenticated SNMPv3 packets. John Kortink reported a buffer overflo ...
Pages:      Start    277    278    279    280    281    282    283    284    285    286    287    288    289    290    ..   307
© 2013 SecPod Technologies