[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80802 Download | Alert*

An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions.

Specific APL RR data could cause a server to exit due to an INSIST failure in apl_42.c when performing certain string formatting operations. CVE-2015-8705 was also issued today for bind, but the Amazon Linux AMI"s version of bind is not impacted by that CVE.

CVE-2016-2848 bind: assertion failure triggered by a packet with malformed optionsA denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet.

It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root.

Unsafe second checksum calculation in udp.c:The Linux kernel allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. This may create a kernel panic or memory corruption leading to privilege escalation

Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a recvfrom or recvmsg system call on an RDS socket.

An integer overflow flaw was found in the i915_gem_do_execbuffer function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. A memory leak flaw was found in the way the Linux kernel"s memory subsystem handled resource clean up in the mmap failure path when the MAP_HUGETLB flag was set. ...

CVE: none assigned, XSA-207: memory leak when destroying guest without PT devices Reference: CVE-2017-2615, XSA-208: oob access in cirrus bitblt copy Reference: CVE-2017-2620, XSA-209: cirrus_bitblt_cputovideo does not check if memory region is safe Reference:


Pages:      Start    3775    3776    3777    3778    3779    3780    3781    3782    3783    3784    3785    3786    3787    3788    ..   8080

© SecPod Technologies