[Forgot Password]
Login  Register Subscribe

24003

 
 

131517

 
 

106904

 
 

909

 
 

84902

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 3147 Download | Alert*

Hans Jerry Illikainen discovered a type conversion vulnerability in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played. This update upgrades VLC in stretch to the new 3.x release series . In addition two packages needed to be rebuild to ensure compatibility with VLC 3; phonon-backend-vlc and goldencheetah . VLC in jes ...

Cedric Buissart from Red Hat discovered an information disclosure bug in pcs, a pacemaker command line interface and GUI. The REST interface normally doesn"t allow passing --debug parameter to prevent information leak, but the check wasn"t sufficient.

Two vulnerabilities were fixed in Openswan, an IKE/IPsec implementation for Linux. CVE-2013-2053 During an audit of Libreswan , Florian Weimer found a remote buffer overflow in the atodn function. This vulnerability can be triggered when Opportunistic Encryption is enabled and an attacker controls the PTR record of a peer IP address. Authentication is not needed to trigger the vulnerability. CVE- ...

Liao Xinxi discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attemtping deserialization. This allowed an attacker to perform code execution by providing maliciously crafted input.

It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing: following DSA-4004-1 for CVE-2017-7525, an additional set of classes was identified as unsafe for deserialization.

It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525.

Two vulnerabilities have been found in Solr, a search server based on Lucene, which could result in the execution of arbitrary code or path traversal.

It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker to perform code execution by providing maliciously crafted input.

Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities applies to both the access point and the station . An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks aga ...

Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   314

© 2013 SecPod Technologies