An exploitable code execution vulnerability exists in the HTTPpacket-parsing functionality of the LIVE555 RTSP server library version0.92. A specially crafted packet can cause a stack-based buffer overflow,result ing in code execution. An attacker can send a packet to trigger this vulnerability.
In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode,but not in module mode . Using custom domains,it"s possible to arrange things so that a Git repository is cloned ...
In libwpd-dev 0.10.2, there is a NULL pointer dereference in the functionWP6Content Listener::defineTable in WP6Content Listener.cpp that will lead to a denial of service attack. This is related to WPXTable.h.
Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance"s port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected ...
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to makens-slapd crash via a specially crafted LDAP request, thus result ing in denial of service.
A bug in Bluez may allow for the Bluetooth Discoverable state being set toon when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before1.16.3.
Directory traversal vulnerability in zziplib-bin 0.13.69 allows attackers to overwrite arbitrary files via a .. in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.