[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43198 Download | Alert*

It was discovered that ntpq and ntpdc disclosed the origin timestamp to unauthenticated clients, which could permit such clients to forge the server"s replies. The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering ...

CVE-2016-2834 nss: Multiple security flaws multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the user running the application.CVE-2016-8635 nss: small-subgroups attack flaw It was found that Diffie Hellman Client k ...

The following security-related issues were resolved:CVE-2016-7426 : Client rate limiting and server responsesCVE-2016-7429 : Attack on interface selectionCVE-2016-7433 : Broken initial sync calculations regressionCVE-2016-9310 : Mode 6 unauthenticated trap information disclosure and DDoS vectorCVE-2016-9311 : Null pointer dereference when trap service is enabled

Ephemeral association time spoofing additional protectionntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victims clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549 .Interleaved symm ...

Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read

OpenSSH clients between versions 5.4 and 7.1 are vulnerable to information disclosure that may allow a malicious server to retrieve information including under some circumstances, user"s private keys. This may be mitigated by adding the undocumented config option UseRoaming no to ssh_config. This bug is corrected in OpenSSH 7.1p2 and in OpenBSD"s stable branch. CVE-2016-0777. An information leak ...

Upgrade to Firefox ESR 45.2 Memory safety bugs fixed in Firefox ESR 45.2 and Firefox 47 HTML5 parser heap-buffer-overflow Heap-use-after-free mozilla::dom::Element Firefox Navigation from a page with an active dropdown menu can be used for spoofing Crash in TSymbolTableLevel::~TSymbolTableLevel Crash when zooming out on a three.js demo mozRequestFullScreen + mozRequestPointerLock: bypassing ...

Upgrade to Firefox ESR 45.2. Memory safety bugs fixed in Firefox ESR 45.2 and Firefox 47 HTML5 parser heap-buffer-overflow Heap-use-after-free mozilla::dom::Element Firefox Navigation from a page with an active dropdown menu can be used for spoofing Crash in TSymbolTableLevel::~TSymbolTableLevel Crash when zooming out on a three.js demo mozRequestFullScreen + mozRequestPointerLock: bypassing ...

This update for ntp fixes the following issues: Security issues fixed: - CVE-2016-1549: Significant additional protections against CVE-2016-1549 that was fixed in ntp-4.2.8p7 . - CVE-2018-7170: Ephemeral association time spoofing additional protection . - CVE-2018-7182: Buffer read overrun leads information leak in ctl_getitem . - CVE-2018-7183: decodearr can write beyond its buffer limit . - CVE- ...

This update for gdk-pixbuf fixes the following issues: Security issue fixed: - CVE-2015-4491: Fix integer multiplication overflow that allows for DoS or potentially RCE .


Pages:      Start    1655    1656    1657    1658    1659    1660    1661    1662    1663    1664    1665    1666    1667    1668    ..   4319

© SecPod Technologies