[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43198 Download | Alert*

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users.It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication ...

sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping"s length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might allow remote attackers to obtain sensitive information fr ...

A buffer overflow vulnerability was found in PHP"s phar implementation. See https://bugs.php.net/bug.php?id=69324 for more details. A use-after-free flaw was found in PHP"s phar paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory. A buffer over-read flaw was found in the GD library. A specially crafted GIF file could cause an ...

A heap-based buffer overflow was found in glibc"s __nss_hostname_digits_dots function, which is used by the gethostbyname and gethostbyname2 glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. Use after free vulnerability was reported in PHP DateTim ...

A use-after-free flaw was found in the way PHP"s unserialize function processed data. If a remote attacker was able to pass crafted input to PHP"s unserialize function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZI ...

A use-after-free flaw was found in the way PHP"s unserialize function processed data. If a remote attacker was able to pass crafted input to PHP"s unserialize function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZI ...

A use-after-free flaw was found in PHP"s OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. A NULL pointer dereference flaw was found in PHP"s pgsql extension. A specially crafted table name passed to function as pg_insert or pg_select could cause a PHP application to crash. A buffer overflow flaw was found in the way PHP"s Phar extension parsed Phar arch ...

As discussed in an upstream announcement, Ruby"s OpenSSL extension suffers a vulnerability through overly permissive matching of hostnames, which can lead to similar bugs such as CVE-2014-1492 .

The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. The ELF parser in file before 5.21 allows remote attackers to cause a denial of service via a large number of program or section headers or invalid capabilities. It was reported that a malformed elf file can cause file urility to access invalid memory. The ELF parser in f ...


Pages:      Start    1245    1246    1247    1248    1249    1250    1251    1252    1253    1254    1255    1256    1257    1258    ..   4319

© SecPod Technologies