[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80167 Download | Alert*

CVE-2016-4476 : denial of service via crafted WPA/WPA2 passphrase parameter. wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service via a crafted WPS operation.

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crashor possible code execution. Fixed In Version: augeas 1.8.1

CVE-2017-9611: The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

CVE-2017-14746: Use-after-free vulnerability. Affected Versions: All versions of Samba from 4.0.0 onwards. Fixed In: Samba 4.7.3, 4.6.11 and 4.5.15

CVE-2017-12893: Buffer over-read in smbutil.c:name_len in SMB/CIFS parser CVE-2017-12894: Buffer over-read in addrtoname.c:lookup_bytestring CVE-2017-12895: Buffer over-read in print-icmp.c:icmp_print in ICMP parser CVE-2017-12896: Buffer over-read in print-isakmp.c:isakmp_rfc3948_print in ISAKMP parser CVE-2017-12897: Buffer over-read in print-isoclns.c:isoclns_print in ISO CLNS parser CVE-2017-1 ...

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an E ...

A coding mistake was found in TLS Certificate Status Request extension feature that asks for a fresh proof of the server"s certificate"s validity in the code that checks for a test success or failure. It ends up always thinking there"s valid proof, even when there is none or if the server does not support the TLS extension in question. Contrary to how it used to function and contrary to how this f ...

CVE-2017-10965: When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. Fixed In: Irssi 1.0.4

CVE-2017-3737: Read/write after SSL object in error state OpenSSL 1.0.2 introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions ,however due to a bug it does not work correctl ...

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect.


Pages:      Start    3141    3142    3143    3144    3145    3146    3147    3148    3149    3150    3151    3152    3153    3154    ..   8016

© SecPod Technologies