[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15134 Download | Alert*

A flaw was found in glusterfs-common server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs-common server node.

The Gluster file system through version 4.1.4 is vulnerable to abuse of the "features/index" translator. A remote attacker with access to mount volumes could exploit this via the "GF_XATTROP_ENTRY_IN_KEY" xattrop to create arbitrary, empty files on the target server.

The Gluster file system through version 4.1.4 is vulnerable to abuse of the "features/index" translator. A remote attacker with access to mount volumes could exploit this via the "GF_XATTROP_ENTRY_IN_KEY" xattrop to create arbitrary, empty files on the target server.

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs-common server node.

In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service , as demonstrated by SoundStretch.

The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service , as demonstrated by SoundStretch.

lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.

An issue has been discovered in mpruett Audio File Library 0.3.6. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.


Pages:      Start    996    997    998    999    1000    1001    1002    1003    1004    1005    1006    1007    1008    1009    ..   1513

© SecPod Technologies