Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed.

Marco Romano discovered that libquicktime, a library for reading and writing QuickTime files, was vulnerable to an integer overflow attack. When opened, a specially crafted MP4 file would cause a denial of service by crashing the application.

Two vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-2221 Shailesh Suthar discovered an open redirection vulnerability. CVE-2016-2222 Ronni Skansing discovered a server-side request forgery vulnerability.

Two vulnerabilities have been discovered in Rails, a web application framework written in Ruby. Both vulnerabilities affect Action Pack, which handles the web requests for Rails. CVE-2016-2097 Crafted requests to Action View, one of the components of Action Pack, might result in rendering files from arbitrary locations, including files beyond the application's view directory. This vulnerability is ...

Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

Two vulnerabilities have been discovered in the server for the Tryton application platform, which may result in information disclosure of password hashes or file contents.

Tuomas Räsänen discovered two vulnerabilities in unADF, a tool to extract files from an Amiga Disk File dump: CVE-2016-1243 A stack buffer overflow in the function extractTree might allow an attacker, with control over the content of an ADF file, to execute arbitrary code with the privileges of the program execution. CVE-2016-1244 The unADF extractor creates the path in the des ...

It was discovered that the original patch to address CVE-2016-1242 did not cover all cases, which may result in information disclosure of file contents.

Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. in an extracted filename.

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, IPL, MPC or PSB files are processed.



© SecPod Technologies