[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6585 Download | Alert*

Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.

Two vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book viewer, which may result in denial of service or remote code execution. An attacker can craft a PDF document which, when opened in the victim host, might consume vast amounts of memory, crash the program, or, in some cases, execute code in the context in which the application is running.

Two vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book viewer, which may result in denial of service or remote code execution. An attacker can craft a PDF document which, when opened in the victim host, might consume vast amounts of memory, crash the program, or, in some cases, execute code in the context in which the application is running.

A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in "go get", which could result in the execution of arbitrary shell commands.

A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in go get, which could result in the execution of arbitrary shell commands.

Multiple heap buffer over reads were discovered in freexl, a library to read Microsoft Excel spreadsheets, which could result in denial of service.

Multiple heap buffer over reads were discovered in freexl, a library to read Microsoft Excel spreadsheets, which could result in denial of service.

It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525.

Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server. They could lead to the use of an incorrect upstream proxy, or allow a remote attacker to cause a denial-of-service by application crash.

Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server. They could lead to the use of an incorrect upstream proxy, or allow a remote attacker to cause a denial-of-service by application crash.


Pages:      Start    332    333    334    335    336    337    338    339    340    341    342    343    344    345    ..   658

© SecPod Technologies