[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80963 Download | Alert*

Two vulnerabilities were discovered in Libtasn1, a library to manage ASN.1 structures, allowing a remote attacker to cause a denial of service against an application using the Libtasn1 library.

Joonun Jang discovered several problems in wavpack, an audio compression format suite. Incorrect processing of input resulted in several heap- and stack-based buffer overflows, leading to application crash or potential code execution.

A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities handle Shell Archives. An attacker with control on the input of the unshar command, could crash the application or execute arbitrary code in the its context.

Harry Sintonen discovered that wget, a network utility to retrieve files from the web, does not properly handle "\r\n" from continuation lines while parsing the Set-Cookie HTTP header. A malicious web server could use this flaw to inject arbitrary cookies to the cookie jar file, adding new or replacing existing cookie values.

It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys.

It was discovered that the Soup HTTP library performed insuffient validation of cookie requests which could result in an out-of-bounds memory read.

Several vulnerabilities were discovered in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code.

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-10858 Svyatoslav Phirsov discovered that insufficient input validation in libsmbclient allowed a malicious Samba server to write to the client"s heap memory. CVE-2018-10919 Phillip Kuhrt discovered that ...

Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems. See https://curl.haxx.se/docs/CVE-2018-14618.html for more information.

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases of Firefox. Support for the 52.x series has ended, so starting with this update we"re now following the 60.x releases. Between 52.x and 60.x, Firefox has undergon ...


Pages:      Start    3321    3322    3323    3324    3325    3326    3327    3328    3329    3330    3331    3332    3333    3334    ..   8096

© SecPod Technologies