[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6547 Download | Alert*

Lael Cellier discovered two buffer overflow vulnerabilities in git, a fast, scalable, distributed revision control system, which could be exploited for remote execution of arbitrary code.

A heap corruption vulnerability was discovered in net-snmp, a suite of Simple Network Management Protocol applications, triggered when parsing the PDU prior to the authentication process. A remote, unauthenticated attacker can take advantage of this flaw to crash the snmpd process or, potentially, execute arbitrary code with the privileges of the user running snmpd.

HD Moore of Rapid7 discovered a symlink attack in Wget, a command-line utility to retrieve files via HTTP, HTTPS, and FTP. The vulnerability allows to create arbitrary files on the user"s system when Wget runs in recursive mode against a malicious FTP server. Arbitrary file creation may override content of user"s files or permit remote code execution with the user privilege. This update changes th ...

A regression in the decoding of chroma-subsampled images in OpenJPEG was introduced by one of the patches for CVE-2013-6045. This update fixes the regression. For reference, the original text of DSA-2808-1 is reproduced below: Several vulnerabilities have been discovered in OpenJPEG, a JPEG 2000 image library, that may lead to denial of service via application crash or high memory consumption, po ...

Ben Hawkes and Tavis Ormandy discovered that the dynamic loader in GNU libc allows local users to gain root privileges using a crafted LD_AUDIT environment variable. For the stable distribution , this problem has been fixed in version 2.7-18lenny6. For the upcoming stable distribution , this problem has been fixed in version 2.11.2-6+squeeze1 of the eglibc package. For the unstable distribution , ...

Colin Watson discovered that the update for stable relased in DSA-2122-1 did not complete address the underlying security issue in all possible scenarios.

Lahav Schlesinger discovered a vulnerability in the revocation plugin of strongSwan, an IKE/IPsec suite. The revocation plugin uses OCSP URIs and CRL distribution points which come from certificates provided by the remote endpoint. The plugin didn"t check for the certificate chain of trust before using those URIs, so an attacker could provided a crafted certificate containing URIs pointing to ser ...

A vulnerability was discovered in Wordpress, a web blogging tool. It allowed remote attackers with specific roles to execute arbitrary code.

A vulnerability was discovered in Wordpress, a web blogging tool. It allowed remote attackers with specific roles to execute arbitrary code.

It was discovered that Smarty, a PHP template engine, was vulnerable to code-injection attacks. An attacker was able to craft a filename in comments that could lead to arbitrary code execution on the host running Smarty.


Pages:      Start    393    394    395    396    397    398    399    400    401    402    403    404    405    406    ..   654

© SecPod Technologies