Insufficient input sanitising in libwmf, a library to process Windows metafile data, may result in denial of service or the execution of arbitrary code if a malformed WMF file is opened.

Frediano Ziglio of Red Hat discovered a race condition flaw in spice's worker_update_monitors_config function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service or, potentially, execute arbitrary code on the host with the privileges of the hosting QEMU process.

Frediano Ziglio of Red Hat discovered several vulnerabilities in spice, a SPICE protocol client and server library. A malicious guest can exploit these flaws to cause a denial of service, execute arbitrary code on the host with the privileges of the hosting QEMU process, or read and write arbitrary memory locations on the host.

Multiple vulnerabilities have been discovered in LibreOffice, a full-featured office productivity suite: CVE-2015-4551 Federico Scrinzi discovered an information leak in the handling of ODF documents. Quoting from https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/: The LinkUpdateMode feature controls whether documents inserted into Writer or Calc via links will either not get update ...

Michal Kowalczyk discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands. The oldstable distribution is not affected.

Adam Chester discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands.

Michal Kowalczyk and Adam Chester discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands.

Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code.

Andreas Schneider reported that libssh2, an SSH2 client-side library, passes the number of bytes to a function that expects the number of bits during the SSHv2 handshake when libssh2 is to get a suitable value for "group order" in the Diffie-Hellman negotiation. This significantly weakens the handshake security, potentially allowing an eavesdropper with enough resources to decrypt or intercept SSH sess ...

Lael Cellier discovered two buffer overflow vulnerabilities in git, a fast, scalable, distributed revision control system, which could be exploited for remote execution of arbitrary code.



© SecPod Technologies