
Miroslav Lichvar reported that the ptp4l program in linuxptp, an implementation of the Precision Time Protocol, does not validate the messageLength field of incoming messages, allowing a remote attacker to cause a denial of service, information leak, or potentially remote code execution.

Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling, bypass of logout restrictions or authentications using variations of a valid user name.

The Qualys Research Labs discovered that an attacker-controlled allocation using the alloca function could result in memory corruption, allowing an attacker to crash systemd and hence the entire operating system. Details can be found in the Qualys advisory at https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt

Andrea Fioraldi discovered a buffer overflow in libsndfile, a library for reading/writing audio files, which could result in denial of service or potentially the execution of arbitrary code when processing a malformed audio file.

Andrea Fioraldi discovered a buffer overflow in libsndfile1-dev, a library for reading/writing audio files, which could result in denial of service or potentially the execution of arbitrary code when processing a malformed audio file.

Thorsten Glaser and Axel Beckert reported that lynx, a non-graphical web browser, does not properly handle the userinfo subcomponent of a URI, which can lead to credentials leaking in cleartext in SNI data.

Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker to cause a denial of service condition or bypass filtering technology on an affected device and exfiltrate data from a compromised host.



© SecPod Technologies