[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15249 Download | Alert*

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 through 1.15.2 mishandles Distinguished Name fields, which allows remote attackers to execute arbitrary code or cause a denial of service in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos ...

Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.

The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02.

Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.

FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName resulting in DoS or code execution via a crafted otf file.

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a "kill `cat /run/tinyproxy/tinyproxy.pid`" command.

libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to cause a denial of service via a file that begins with many "\0" characters.

The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted mp4 file.

There is an illegal address access in ast.cpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.

The function d2ulaw_array in ulaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack , a different vulnerability than CVE-2017-14246.


Pages:      Start    643    644    645    646    647    648    649    650    651    652    653    654    655    656    ..   1524

© SecPod Technologies