[3.6.8-18.0.5] - Remove the "getfile" feature of pydoc [Orabug: 33182027][CVE-2021-3426]

The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon, they can cause a difference in the interpretation of the request between the proxy and the server. This can result in malicious requests being cached as completely safe ...

[2.6.32-220.4.1.el6] - [fs] Revert "proc: enable writing to /proc/pid/mem" [782649 782650] {CVE-2012-0056} [2.6.32-220.3.1.el6] - [kernel] Remove "WARNING: at kernel/sched.c:5915" [768288 766051] - [x86] kernel: Fix memory corruption in module load [769595 767140] - [kernel] Reset clocksource watchdog after sysrq-t [755867 742890] - [x86] AMD: Make tsc=reliable override boot time stability che ...

The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.

[2.6.32-300.32.3] - dl2k: Clean up rio_ioctl [Orabug: 14675306] {CVE-2012-2313} - hugetlb: fix resv_map leak in error path [Orabug: 14676403] {CVE-2012-2390} - rds: set correct msg_namelen [Orabug: 14676504] {CVE-2012-3430}

[2.6.32-300.38.1] - [net/sfc] limit number of segments per skb on tx [Orabug:14769994] {CVE-2012-3412}

It was discovered that the OpenSSH server did not sanitize data received in requests to enable X11 forwarding. An authenticated client with restricted SSH access could possibly use this flaw to bypass intended restrictions.

A defect in control channel input handling was discovered which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel. If control channel input is accepted from the network, an unauthenticated attacker could cause named to crash. An error when parsing signature records for DNAME records having specific properties can l ...

When running as a Xen 64-bit PV guest, user mode processes not supposed to be able to access I/O ports may be granted such permission, potentially resulting in one or more of in-guest privilege escalation, guest crashes, or in-guest information leaks. In some cases, the kernel did not correctly fix backward jumps in a new eBPF program, which could allow arbitrary reads. The kernel incorrectly acc ...

An access flaw was discovered in the OpenSSH client where it did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested.


© SecPod Technologies