[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15134 Download | Alert*

When read ing a specially crafted ZIP archive, the read method of ApacheCommons Compress 1.7 to 1.17"s ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an in finitestream, which can be used to mount a denial of service attack against services that use Compress" zip packa ...

Netwide Assembler 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a global line no integer overflow.

Netwide Assembler before 2.13.02 has a use-after-free in detoken atasm/preproc.c.

In libgraphite2-dev in libgraphite2-dev 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation,which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file.

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type , the attacker can crash the KDC by making an S4U2Self request.

An exploitable code execution vulnerability exists in the HTTPpacket-parsing functionality of the LIVE555 RTSP server library version0.92. A specially crafted packet can cause a stack-based buffer overflow,result ing in code execution. An attacker can send a packet to trigger this vulnerability.

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode,but not in module mode . Using custom domains,it"s possible to arrange things so that a Git repository is cloned ...

In libwpd-dev 0.10.2, there is a NULL pointer dereference in the functionWP6Content Listener::defineTable in WP6Content Listener.cpp that will lead to a denial of service attack. This is related to WPXTable.h.

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance"s port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected ...

An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to makens-slapd crash via a specially crafted LDAP request, thus result ing in denial of service.


Pages:      Start    608    609    610    611    612    613    614    615    616    617    618    619    620    621    ..   1513

© SecPod Technologies