Lucene search
+L

152 matches found

Tenable Nessus
Tenable Nessus
added 2014/04/07 12:0 a.m.40 views

Fedora 19 : perl-YAML-LibYAML-0.41-4.fc19 (2014-4517)

This update addressed two security issues. CVE-2013-6393: The yamlparserscantaguri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted tags in a YAML...

6.8CVSS7.5AI score0.09312EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2014/04/07 12:0 a.m.36 views

Fedora 20 : perl-YAML-LibYAML-0.41-4.fc20 (2014-4548)

This update addressed two security issues. CVE-2013-6393: The yamlparserscantaguri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted tags in a YAML...

6.8CVSS7.5AI score0.09312EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2014/04/04 12:0 a.m.39 views

Ubuntu 12.04 LTS / 12.10 / 13.10 : libyaml-libyaml-perl vulnerabilities (USN-2161-1)

Florian Weimer discovered that libyaml-libyaml-perl incorrectly handled certain large YAML documents. An attacker could use this issue to cause libyaml-libyaml-perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-6393 Ivan Fratric discovered that...

6.8CVSS7.2AI score0.09312EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2014/04/03 8:18 p.m.48 views

Important: Red Hat Security Advisory: ruby193-libyaml security update

Updated ruby193-libyaml packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

6.8CVSS7.3AI score0.09312EPSS
Exploits2References3
Ubuntu
Ubuntu
added 2014/04/03 2:24 p.m.61 views

USN-2161-1: libyaml-libyaml-perl vulnerabilities

Florian Weimer discovered that libyaml-libyaml-perl incorrectly handled certain large YAML documents. An attacker could use this issue to cause libyaml-libyaml-perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-6393 Ivan Fratric discovered that...

6.8CVSS7.1AI score0.09312EPSS
Exploits2
Mageia
Mageia
added 2014/04/03 1:2 a.m.45 views

Updated perl-YAML-LibYAML package fixes security vulnerabilies

Updated perl-YAML-LibYAML packages fix security vulnerabilities: Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag...

6.8CVSS8AI score0.09312EPSS
Exploits2References3
Mageia
Mageia
added 2014/04/03 12:33 a.m.38 views

Updated libyaml package fixes security vulnerability

Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a specially-crafted YAML document that, when parsed by an application using libyaml, would cause the application t...

6.8CVSS8.3AI score0.09264EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2014/04/02 7:50 p.m.42 views

Important: Red Hat Security Advisory: libyaml security update

Updated libyaml packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...

6.8CVSS7.3AI score0.09312EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2014/04/02 7:50 p.m.50 views

Important: Red Hat Security Advisory: libyaml security update

Updated libyaml packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 4. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...

6.8CVSS7.3AI score0.09312EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2014/04/02 7:50 p.m.40 views

Important: Red Hat Security Advisory: ruby193-libyaml security update

Updated ruby193-libyaml packages that fix two security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

6.8CVSS7.2AI score0.09312EPSS
Exploits2References3
securityvulns
securityvulns
added 2014/03/31 12:0 a.m.61 views

[oCERT-2014-003] LibYAML input sanitization errors

2014-003 LibYAML input sanitization errors Description: The LibYAML project is an open source YAML 1.1 parser and emitter written in C. The library is affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is caused by lack of proper expansion for t...

6.8CVSS0.5AI score0.09264EPSS
Exploits2
OSV
OSV
added 2014/03/28 3:55 p.m.3 views

CVE-2014-2525

Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file...

6.8CVSS7.5AI score0.09264EPSS
Exploits2References23
CVE
CVE
added 2014/03/28 3:0 p.m.101 views

CVE-2014-2525

CVE-2014-2525 : LibYAML's yaml_parser_scan_uri_escapes() has a heap-based buffer overflow when parsing percent-encoded text in a URI within YAML documents. The issue affects LibYAML before 0.1.6 and can allow arbitrary code execution via a crafted YAML file. Affected products use libyaml librarie...

6.8CVSS7.7AI score0.09264EPSS
Exploits2References22Affected Software1
Debian CVE
Debian CVE
added 2014/03/28 3:0 p.m.20 views

CVE-2014-2525

Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file...

6.8CVSS8.1AI score0.09264EPSS
Exploits2
seebug.org
seebug.org
added 2014/03/28 12:0 a.m.50 views

LibYAML 'yaml_parser_scan_uri_escapes()'函数远程堆缓冲区溢出漏洞

BUGTRAQ ID: 66478 CVECAN ID: CVE-2014-2525 LibYAML是用C语言编写的YAML 1.1解析器和发射器。 由于程序没有正确过滤用户提供的输入,允许远程攻击者在易受攻击的应用程序上下文中执行任意代码。 0 LibYAML 0.1.6 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://pyyaml.org/wiki/LibYAML...

6.8CVSS0.4AI score0.09264EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2014/03/27 12:0 a.m.31 views

Debian DSA-2885-1 : libyaml-libyaml-perl - security update

Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a specially crafted YAML document that, when parsed by an application using libyaml, would cause the application t...

6.8CVSS7.8AI score0.09264EPSS
Exploits2References4
securityvulns
securityvulns
added 2014/03/27 12:0 a.m.79 views

[SECURITY] [DSA 2884-1] libyaml security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2884-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 26, 2014 http://www.debian.org/security/faq -...

6.8CVSS2AI score0.09264EPSS
Exploits2
securityvulns
securityvulns
added 2014/03/27 12:0 a.m.90 views

[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2885-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 26, 2014 http://www.debian.org/security/faq -...

6.8CVSS1.8AI score0.09264EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2014/03/27 12:0 a.m.26 views

CVE-2014-2525

Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file...

6.8CVSS7.3AI score0.09264EPSS
Exploits2References5
Debian
Debian
added 2014/03/26 7:53 p.m.31 views

[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2885-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 26, 2014 http://www.debian.org/security/faq -...

6.8CVSS2.2AI score0.09264EPSS
Exploits2
Rows per page
Query Builder