[Forgot Password]
Login  Register Subscribe

24003

 
 

131425

 
 

104705

 
 

909

 
 

84119

 
 

133

 
 
Paid content will be excluded from the download.

Filter
Matches : 3119 Download | Alert*

Hanno Boeck and Marcin Noga discovered multiple vulnerabilities in libarchive; processing malformed archives may result in denial of service or the execution of arbitrary code.

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.50

Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.26. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/

Multiple vulnerabilities were discovered in the dissectors for H.225, Catapult DCT2000, UMTS FP and IPMI, which could result in denial of service or the execution of arbitrary code.

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1660 Atte Kettunen discovered an out-of-bounds write issue. CVE-2016-1661 Wadih Matar discovered a memory corruption issue. CVE-2016-1662 Rob Wu discovered a use-after-free issue related to extensions. CVE-2016-1663 A use-after-free issue was discovered in Blink"s bindings to V8. CVE-2016-1664 Wadih Matar discovered ...

Two SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems. Specially crafted input can be used by an attacker in parameters of the graphs_new.php script to execute arbitrary SQL commands on the database.

Several SQL injection vulnerabilities have been discovered in Cacti, an RRDTool frontend written in PHP. Specially crafted input can be used by an attacker in the rra_id value of the graph.php script to execute arbitrary SQL commands on the database.

This updates fixes many vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum, PDB, DDS, DCM, EXIF, RGF or BMP files are processed.

Alexander Cherepanov discovered that p7zip is susceptible to a directory traversal vulnerability. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current directory.

Marcin "Icewall" Noga of Cisco Talos discovered an out-of-bound read vulnerability in the CInArchive::ReadFileItem method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running p7zip, if a specially crafted UDF file is processed.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   311

© 2013 SecPod Technologies