[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111604

 
 

909

 
 

87312

 
 

136

 
 
Paid content will be excluded from the download.

Filter
Matches : 11559 Download | Alert*

The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039 . Linux kernel built with the 802.1Q/802.1ad VLAN OR Virtual eXtensible Local Area Network with Tr ...

It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacke ...

ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service or possibly have unspecified other impact via crafted field metadata .Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 a ...

ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via an unserialize call that references a partially constructed object .ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_ ...

CVE-2016-7411: A memory corruption error may occur during deserialized object destruction. CVE-2016-7412: A heap overflow may occur in the processing of BIT fields in mysqlnd. CVE-2016-7413: A use-after-free memory error may occur in wddx_deserialize. CVE-2016-7414: An out-of-bounds memory error may occur in phar_parse_zipfile. CVE-2016-7416: A memory corruption error may occur in processing l ...

CVE-2016-7411: A memory corruption error may occur during deserialized object destruction Reference Patch CVE-2016-7412: A heap overflow may occur in the processing of BIT fields in mysqlnd Reference Patch CVE-2016-7413: A use-after-free memory error may occur in wddx_deserialize Reference Patch CVE-2016-7414: An out-of-bounds memory error may occur in phar_parse_zipfile Reference Patch CVE-2016-7 ...

Ciphers with 64-bit block sizes used in CBC mode were found to be vulnerable to a birthday attack when key renegotiation doesn"t happen frequently or at all in long running connections. The blowfish cipher as used in OpenVPN by default is vulnerable to this attack, allowing a remote attacker to recover partial plaintext information .

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by ...

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by ...

After testing original CVE-2016-5420 patch, it was discovered that libcurl built on top of NSS still incorrectly re-uses client certificates if a certificate from file is used for one TLS connection but no certificate is set for a subsequent TLS connection.


Pages:      Start    960    961    962    963    964    965    966    967    968    969    970    971    972    973    ..   1155

© SecPod Technologies