[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

125989

 
 

909

 
 

104883

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

The mysql_change_db function in MySQL 5.0.x before 5.0.40 did not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allowed remote authenticated users to gain privileges . The federated engine in MySQL 5.0.x, when performing a certain SHOW TABLE STATUS query, did not properly handle a response with a small number of columns, which could allow a remot ...

A vulnerability in the Net::DNS perl module was found that could allow remote attackers to cause a denial of service via a crafted DNS response. The updated packages have been patched to correct this issue.

The hack-local-variable function in Emacs 22 prior to version 22.2, when enable-local-variables is set to ":safe", did not properly search lists of unsafe or risky variables, which could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration . A stack-based buffer overflow in emacs could allow user-ass ...

A denial of service flaw was discovered by the Google Security Team in the way libxml2 processes malformed XML content. This flaw could cause the application to stop responding. The updated packages have been patched to correct this issue.

MySQL 5.0.x did not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement . The federated engine in MySQL 5.0.x, when performing a certain SHOW TABLE STATUS query, did not properly handle a response with a small number of ...

An input validation flaw was found in the X.org server"s XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service , or potentially execute arbitrary code with root privileges on the X.org server . A flaw was found in the X.org server"s XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that ...

An input validation flaw was found in the X.org server"s XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service , or potentially execute arbitrary code with root privileges on the X.org server . A flaw was found in the X.org server"s XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that ...

A number of vulnerabilities have been found and corrected in PHP: The htmlentities and htmlspecialchars functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors . The output_add_rewrite_var function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obta ...

A number of vulnerabilities have been found and corrected in PHP: PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with "S:", which did not properly track the number of input bytes being processed . A vulnerability in the chunk_split function in PHP prior to 5.2.4 has unknown impact and atta ...

Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with the privileges of the user opening the file. The updated packages have been patched to correct this issue.


Pages:      Start    3    4    5    6    7    8    9    10    11    12    13    14    15    16    ..   182

© SecPod Technologies