[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 2952 Download | Alert*

Two vulnerabilities were found in the PJSIP/PJProject communication library, which may result in denial of service.

Joerg-Thomas Vogt discovered that the SecureMode was insufficiently validated in the OTRS ticket system, which could allow agents to escalate their privileges.

Karsten Heymann discovered that the OpenLDAP directory server can be crashed by performing a paged search with a page size of 0, resulting in denial of service. This vulnerability is limited to the MDB storage backend.

Multiple vulnerabilities have been discovered in Expat, an XML parsing C library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-9063 Gustavo Grieco discovered an integer overflow flaw during parsing of XML. An attacker can take advantage of this flaw to cause a denial of service against an application using the Expat library. CVE-2017-9233 Rhodri Jame ...

Two vulnerabilities were found in Dropbear, a lightweight SSH2 server and client: CVE-2017-9078 Mark Shepard discovered a double free in the TCP listener cleanup which could result in denial of service by an authenticated user if Dropbear is running with the "-a" option. CVE-2017-9079 Jann Horn discovered a local information leak in parsing the .authorized_keys file.

Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the application, information leaks, or potentially, the execution of arbitrary code with the privileges of the ...

Two denial of service vulnerabilities were identified in strongSwan, an IKE/IPsec suite, using Google"s OSS-Fuzz fuzzing project. CVE-2017-9022 RSA public keys passed to the gmp plugin aren"t validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception and crash of the process. A certificate with an appropriately prepared public ke ...

It was discovered that tnef, a tool used to unpack MIME attachments of type "application/ms-tnef", did not correctly validate its input. An attacker could exploit this by tricking a user into opening a malicious attachment, which would result in a denial-of-service by application crash.

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-0605 A buffer overflow flaw was discovered in the trace subsystem. CVE-2017-7487 Li Qiang reported a reference counter leak in the ipxitf_ioctl function which may result into a use-after-free vulnerability, triggerable when a IPX interface is co ...

Sebastian Krahmer discovered that a programming error in the mount helper binary of the Smb4k Samba network share browser may result in local privilege escalation.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   295

© 2013 SecPod Technologies