[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80945 Download | Alert*

Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.

It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user is dragging a specific file or map to a location to extract to.

dovecot: IMAP and POP3 email server Dovecot could be made to crash or execute arbitrary code if it received a specially crafted data.

ghostscript: PostScript and PDF interpreter Ghostscript could be made to access arbitrary files if it opened a specially crafted file.

exim4: Exim is a mail transport agent Exim could be made to run programs as an administrator if it received specially crafted network traffic.

memcached: high-performance memory object caching system Memcached could be made to expose sensitive information if it received a specially crafted UNIX socket.

freetype: FreeType 2 is a font engine library FreeType could be made to expose sensitive information if if it opened a specially crafted font file.

tomcat8: Servlet and JSP engine Several security issues were fixed in Tomcat 8.

tomcat9: Servlet and JSP engine Several security issues were fixed in Tomcat 9.

curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl.


Pages:      Start    3153    3154    3155    3156    3157    3158    3159    3160    3161    3162    3163    3164    3165    3166    ..   8094

© SecPod Technologies