[Forgot Password]
Login  Register Subscribe

24437

 
 

132035

 
 

118594

 
 

909

 
 

92444

 
 

143

 
 
Paid content will be excluded from the download.

Filter
Matches : 3328 Download | Alert*

The update for ghostscript issued as DSA-4346-1 caused a regression when used with certain options . Updated packages are now available to correct this issue.

Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite. Problems in the parsing and verification of RSA signatures could lead to a Bleichenbacher-style low-exponent signature forgery in certificates and during IKE authentication. While the gmp plugin doesn"t allow arbitrary data after the ASN.1 structure ...

Google"s OSS-Fuzz revealed an exploitable bug in the gmp plugin caused by the patch that fixes CVE-2018-16151 and CVE-2018-16151 . An attacker could trigger it using crafted certificates with RSA keys with very small moduli. Verifying signatures with such keys would cause an integer underflow and subsequent heap buffer overflow resulting in a crash of the daemon. While arbitrary code execution is ...

Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-4117 AhsanEjaz discovered an information leak. CVE-2018-6044 Rob Wu discovered a way to escalate privileges using extensions. CVE-2018-6150 Rob Wu discovered an information disclosure issue . CVE-2018-6151 Rob Wu discovered an issue in the developer tools . CVE-2018-6152 Rob Wu discovered an issue in the developer t ...

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.41

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.40

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-8824 Mohamed Ghannam discovered that the DCCP implementation did not correctly manage resources when a socket is disconnected and reconnected, potentially leading to a use-after-free. A local user could use this for denial of service or possibl ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the sys ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-9016 Ming Lei reported a race condition in the multiqueue block layer . On a system with a driver using blk-mq , a local user might be able to use this for denial of service or possibly for privilege escalation. CVE-2017-0861 Robb Glasser report ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-15471 Felix Wilhelm of Google Project Zero discovered a flaw in the hash handling of the xen-netback Linux kernel module. A malicious or buggy frontend may cause the backend to make out of bounds memory accesses, potentially resulting in privi ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   332

© SecPod Technologies