[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15134 Download | Alert*

LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

The host is installed with Adobe Flash Player before 20160407.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption).

The host is installed with Adobe Flash Player before 11.2.202.616 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption).

In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service .

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system.

The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service , or possibly have unspecified other impact.

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.

A flaw was found in qemu Media Transfer Protocol . The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn"t consider that the underlying file system may have changed since the time lstat was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can us ...

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service in create_cq_ring or create_qp_rings.

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.


Pages:      Start    932    933    934    935    936    937    938    939    940    941    942    943    944    945    ..   1513

© SecPod Technologies