
The GNU "tar" archiver attempts to avoid path traversal attacks by removing offending parts of the element name at extract. This sanitizing leads to a vulnerability where the attacker can bypass the path name specified on the command line. Affected versions: tar 1.14 to 1.29

CVE-2016-8605: Thread-unsafe umask modification. The mkdir procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. Fi ...

Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.

Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library through 2.2.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.

When receiving a response from the server, protocol data is not validated sufficiently. The 32-bit field "rep.length" is not checked for validity, which allows an integer overflow on 32-bit systems. A malicious server could send INT_MAX as length, which gets multiplied by the size of XRectangle. In that case the client won't read the whole data from the server, getting out of sync. Affected versions : ...

When receiving a response from the server, protocol data is not validated sufficiently. The 32-bit field "rep.length" is not checked for validity, which allows an integer overflow on 32-bit systems. A malicious server could send INT_MAX as length, which gets multiplied by the size of XRectangle. In that case the client won't read the whole data from the server, getting out of sync. Affected versions l ...

CVE-2016-7945: Insufficient validation of server responses results in integer overflows. CVE-2016-7946: Insufficient validation of server responses results in various data mishandlings. Affected versions: libXi. Fixed in version: libXi 1.7.7

CVE-2016-7945: Insufficient validation of server responses results in integer overflows. CVE-2016-7946: Insufficient validation of server responses results in various data mishandlings. Affected versions: libXi. Fixed in version: libXi 1.7.7

CVE-2016-7947: Insufficient validation of server responses results in integer overflows. CVE-2016-7948: Insufficient validation of server responses results in various data mishandlings. Affected versions: libXrandr. Fixed in version: libXrandr 1.5.1



© SecPod Technologies