[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80305 Download | Alert*

Joakim Hindersson discovered that Open vSwitch, a software-based Ethernet virtual switch, allowed a malicious user to cause a denial-of-service by sending a specially crafted packet.

A buffer overflow vulnerability was discovered in the SPNEGO implementation affecting the GSSAPI security policy negotiation in BIND, a DNS server implementation, which could result in denial of service , or potentially the execution of arbitrary code.

A vulnerability in the Certificate List Exact Assertion validation was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of this flaw to cause a denial of service via specially crafted packets.

Felix Weinmann reported a flaw in the handling of combining characters in screen, a terminal multiplexer with VT100/ANSI terminal emulation, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence.

It was discovered that Pygments, a syntax highlighting package written in Python, could be forced into an infinite loop, resulting in denial of service.

Two vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.

Ben Caller discovered that Pygments, a syntax highlighting package written in Python 3, used regular expressions which could result in denial of service.

Damian Lukowski discovered a flaw in spamassassin, a Perl-based spam filter using text analysis. Malicious rule configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios.

Kevin Chung discovered that lxml, a Python binding for the libxml2 and libxslt libraries, did not properly sanitize its input. This would allow a malicious user to mount a cross-site scripting attack.

It was discovered that missing input sanitising in the template function of the Underscore JavaScript library could result in the execution of arbitrary code.


Pages:      Start    2960    2961    2962    2963    2964    2965    2966    2967    2968    2969    2970    2971    2972    2973    ..   8030

© SecPod Technologies