[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 3239 Download | Alert*

Bjoern Jacke discovered that Exim, Debian"s default mail transfer agent, may leak the private DKIM signing key to the log files if specific configuration options are met.

It was discovered that YADIFA, an authoritative DNS server, did not sufficiently check its input. This allowed a remote attacker to cause a denial-of-service by forcing the daemon to enter an infinite loop.

It was discovered discovered that SSL connections with client certificates stopped working after the DSA-2795-1 update of lighttpd. An upstream patch has now been applied that provides an appropriate identifier for client certificate verification.

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.27, which includes additional bug fixes. Please refer to the upstream changelog for more information: https://php.net/ChangeLog-5.php#5.6.27

Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability.

George Noseevich discovered that firebird2.5, a relational database system, did not properly check User-Defined Functions , thus allowing remote authenticated users to execute arbitrary code on the firebird server.

Two vulnerabilities have been found in the MySQL Connector/J JDBC driver.

The previous subversion security update, DSA-3107-1, introduced a regression which causes Apache httpd to fail to start due to an undefined symbol dav_svn__new_error in configurations which used mod_dav_svn.

It was discovered that libgtk2-perl, a Perl interface to the 2.x series of the Gimp Toolkit library, incorrectly frees memory which GTK+ still holds onto and might access later, leading to denial of service or, potentially, to arbitrary code execution.

Multiple vulnerabilities were discovered in GnuPG, the GNU Privacy Guard: CVE-2014-3591 The Elgamal decryption routine was susceptible to a side-channel attack discovered by researchers of Tel Aviv University. Ciphertext blinding was enabled to counteract it. Note that this may have a quite noticeable impact on Elgamal decryption performance. CVE-2015-0837 The modular exponentiation routine mpi_po ...

Pages:      Start    312    313    314    315    316    317    318    319    320    321    322    323    ..   323

© SecPod Technologies