[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15134 Download | Alert*

mapping0_forward in mapping0.c in Xiph.Org libvorbis-dev 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file.

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

libtiff-toolsClientOpen in tif_unix.c in Liblibtiff-tools 3.8.2 has memory leaks, as demonstrated by bmp2libtiff-tools.

There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps-dev through 0.3.0. A crafted input will lead to a remote denial of service attack.

No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.

Netwide Assembler 2.14rc15 has a buffer over-read in x86/regflags.c.

Netwide Assembler 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags.

Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.

In libjs-dojo-core Toolkit before 1.14, there is unescaped string injection in libjs-dojo-corex/Grid/DataGrid.

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.


Pages:      Start    621    622    623    624    625    626    627    628    629    630    631    632    633    634    ..   1513

© SecPod Technologies