[Forgot Password]
Login  Register Subscribe

24003

 
 

131486

 
 

106342

 
 

909

 
 

84640

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 11263 Download | Alert*

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * libvirt: Resource exhaustion via qemuMonitorIORead method * libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent For more details about the ...

389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: ns-slapd crash via large filter value in ldapsearch For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE ...

The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix: * A command injection flaw was found in the NetworkM ...

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.8.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 * Mozilla: Backport critical security fixes in Skia * Mozilla: Use-after-free with SVG animations and clip paths * Mozilla: Use-after-free with SVG ...

Null pointer dereference due to mishandling of ldap_get_dn return value allows denial-of-service by malicious LDAP server or man-in-the-middle attackerAn issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service because of mishandling of the ldap_get_dn return value.Infinite ...

Improper write operations in readonly mode allow for zero-length file creationThe process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

Fragmentation attacks possible when EDNS0 is enabledThe DNS stub resolver in the GNU C Library before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.Buffer overflow in glob with GLOB_TILDEThe GNU C Library before 2.27 contains an off-by-one error leading to a heap-based ...

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information ...

Ephemeral association time spoofing additional protectionntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549 .Interleave ...

Malicious patch files cause ed to execute arbitrary commandsGNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a commo ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   1126

© 2013 SecPod Technologies