7636 matches found
[slackware-security] python
New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/python-2.7.16-i586-1slack14.2.txz: Upgraded. Updated to the latest 2.7.x release, which fixes a few security issues. For...
[slackware-security] infozip
New infozip packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/infozip-6.0-i586-4slack14.2.txz: Rebuilt. Added some patches that should fix extracting archives with non-latin characte...
The vulnerability of the ChakraCore component in the Microsoft Edge browser allows a hacker to execute arbitrary code with the privileges of the current user.
The vulnerability of Microsoft Edge’s ChakraCore component is related to errors in memory object handling mechanisms. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with the privileges of the current user, through a specially crafted web page...
The vulnerability of the Internet Explorer browser, related to errors in memory object handling mechanisms, allows attackers to execute arbitrary code with privileges of the current user.
The vulnerability of the Internet Explorer browser is related to errors in the memory object handling mechanisms. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with privileges of the current user, through a specially crafted web page...
Vulnerability of the .NET Framework software platform, related to errors in the mechanism for checking the source file metadata, allows a perpetrator to execute arbitrary code with privileges of the current user.
The vulnerability of the .NET Framework software platform is related to errors in the mechanism for checking the source code of files. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with privileges of the current user, using a specially craft...
Data Leakage
ansible is vulnerable to data leakage. The vulnerability is possible because it does not properly handle empty strings passed to rsyncopts, which results in the revealing of the current working directory information...
(0Day) Microsoft Visual Studio settings XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser, caused by an operation that goes beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a...
The vulnerability in Microsoft Edge browsers arises from an operation that goes beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially crafted web page...
Slackware 14.0 / 14.1 / 14.2 / current : file (SSA:2019-054-01)
New file packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-054-01. The text itself is copyright C Slackware Linux,...
[slackware-security] file
New file packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/file-5.36-i586-1slack14.2.txz: Upgraded. Fix out-of-bounds read and denial-of-service security issues: For more information...
Horner Automation Cscape CSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-60.5.1-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-60.5.1esr-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...
Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...
Microsoft Edge Buffer Overflow Vulnerability
Microsoft Edge is a web browser from Microsoft USA that is the default browser that comes with the Windows 10 operating system. A buffer overflow vulnerability exists in Microsoft Edge that stems from a program not properly accessing objects in memory. An attacker can exploit the vulnerability to...
Microsoft Edge and ChakraCore Buffer Overflow Vulnerability (CNVD-2019-27389)
Microsoft Edge is a web browser from Microsoft USA that is the default browser that comes with the Windows 10 operating system. A buffer overflow vulnerability exists in Microsoft Edge and ChakraCore. An attacker can exploit this vulnerability to execute arbitrary code in the context of the curre...
Microsoft Edge Buffer Overflow Vulnerability (CNVD-2019-27391)
Microsoft Edge is a web browser from Microsoft USA that is the default browser that comes with the Windows 10 operating system. A buffer overflow vulnerability exists in Microsoft Edge that stems from a program not properly accessing objects in memory. An attacker can exploit the vulnerability to...
Microsoft Edge and ChakraCore Buffer Overflow Vulnerability (CNVD-2019-27386)
Microsoft ChakraCore and Microsoft Edge are both products of Microsoft Corporation.ChakraCore is the core of an open-source Chakra JavaScript scripting engine used in the Edge browser, and is also available as a standalone JavaScript engine. Microsoft Edge is a web browser that comes with Windows...