[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80658 Download | Alert*

Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.

It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user is dragging a specific file or map to a location to extract to.

dovecot: IMAP and POP3 email server Dovecot could be made to crash or execute arbitrary code if it received a specially crafted data.

ghostscript: PostScript and PDF interpreter Ghostscript could be made to access arbitrary files if it opened a specially crafted file.

exim4: Exim is a mail transport agent Exim could be made to run programs as an administrator if it received specially crafted network traffic.

memcached: high-performance memory object caching system Memcached could be made to expose sensitive information if it received a specially crafted UNIX socket.

freetype: FreeType 2 is a font engine library FreeType could be made to expose sensitive information if if it opened a specially crafted font file.

tomcat8: Servlet and JSP engine Several security issues were fixed in Tomcat 8.

tomcat9: Servlet and JSP engine Several security issues were fixed in Tomcat 9.

curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl.


Pages:      Start    3166    3167    3168    3169    3170    3171    3172    3173    3174    3175    3176    3177    3178    3179    ..   8065

© SecPod Technologies