It was discovered that a buffer overflow in the XMLRPC response encoding code of the Atheme IRC services may result in denial of service.

Brandon Perry discovered that xerces-c, a validating XML parser library for C++, fails to successfully parse a DTD that is deeply nested, causing a stack overflow. A remote unauthenticated attacker can take advantage of this flaw to cause a denial of service against applications using the xerces-c library. Additionally this update includes an enhancement to enable applications to fully disable DTD ...

Gustavo Grieco discovered a use-after-free vulnerability in xerces-c, a validating XML parser library for C++, due to not properly handling invalid characters in XML input documents in the DTDScanner.

Markus Krell discovered that xymon, a network- and applications-monitoring system, was vulnerable to the following security issues: CVE-2016-2054 The incorrect handling of user-supplied input in the "config" command can trigger a stack-based buffer overflow, resulting in denial of service or remote code execution. CVE-2016-2055 The incorrect handling of user-supplied input in the " ...

Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.23. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10023-release-notes/

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.49.

Several vulnerabilities have been fixed in phpMyAdmin, the web-based MySQL administration interface. CVE-2016-1927 The suggestPassword function relied on a non-secure random number generator, which makes it easier for remote attackers to guess generated passwords via a brute-force approach. CVE-2016-2039 CSRF token values were generated by a non-secure random number generator, which allows remote at ...

Jann Horn discovered that the setuid-root mount.ecryptfs_private helper in the ecryptfs-utils would mount over any target directory that the user owns, including a directory in procfs. A local attacker could use this flaw to escalate his privileges.

Multiple security issues have been found in the Xen virtualisation solution, which may result in denial of service or information disclosure. The oldstable distribution will be updated in a separate DSA.

Dawid Golunski discovered that PHPMailer, a popular library to send email from PHP applications, allowed a remote attacker to execute code if they were able to provide a crafted Sender address. Note that for this issue also CVE-2016-10045 was assigned, which is a regression in the original patch proposed for CVE-2016-10033. Because the original patch was not applied in Debian, Debian was not vulner ...



© SecPod Technologies