[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 194688 Download | Alert*

A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in "go get", which could result in the execution of arbitrary shell commands.

Arbitrary code execution during go get or go get -dGo before 1.8.4 and 1.9.x before 1.9.1 allows quot;go getquot; remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository includes a Git checkout in its pkg2 directory and some other wo ...

Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.

Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go1.10rc2 allow "go get" remote command execution during source code build,by leveraging the gcc or clang plugin feature, because -fplugin= and-plugin= arguments were not blocked.

The Go Programming Language.

The Go Programming Language.

This update for binutils to version 2.31 fixes the following issues: These security issues were fixed: - CVE-2017-15996: readelf allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted ELF file that triggered a buffer overflow on fuzzed archive header - CVE-2017-15939: Binary File Descriptor library mishandled NULL files in a .debug_line fi ...

In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))['uri']" call mishandles the case where $file is data:text/plain;uri=eviluri, -- in other words, metadata can be set by an attacker.

[14.4.1-7] - Fix CVE-2017-18189 Upstream patch: https://sourceforge.net/p/sox/code/ci/09d7388c8ad5701ed9c59d1d600ff6154b066397/ Resolves: #1553590

SoX is a sound file format converter. SoX can convert between many different digitized sound formats and perform simple sound manipulation functions, including sound effects. Security Fix: * sox: NULL pointer dereference in startread function in xa.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pag ...


Pages:      Start    9232    9233    9234    9235    9236    9237    9238    9239    9240    9241    9242    9243    9244    9245    ..   19468

© SecPod Technologies