556 matches found
USN-3745-1 wpa vulnerability
It was discovered that wpasupplicant and hostapd incorrectly handled certain messages. An attacker could possibly use this to access sensitive information...
DEBIAN-CVE-2017-12151
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the...
CVE-2018-3081
Vulnerability in the MySQL Client component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...
UBUNTU-CVE-2018-3081
Vulnerability in the MySQL Client component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...
CVE-2017-16217
fbr-client sends files through sockets via socket.io and webRTC. fbr-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
PT-2018-3549 · Mysql Server +8 · Mysql Client +8
Name of the Vulnerable Software and Affected Versions: MySQL Client versions 5.6.48 and prior MySQL Client versions 5.7.30 and prior MySQL Client versions 8.0.20 and prior Description: The issue is related to insufficient input validation in the C API component of the MySQL Client product. It...
CVE-2018-1310
Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache NiFi 1.6.0 release...
Red Hat DHCP Client Command Execution Vulnerability
DHCP is a LAN network protocol that is primarily used for dynamic IP address allocation for internal networks. A command execution vulnerability exists in the Red Hat DHCP client, which allows an attacker to attack a Red Hat system, gain root privileges, and execute arbitrary commands by spoofing...
CVE-2018-0112
A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient input validation by the Cisco WebEx clients. An...
Microsoft Server Message Block Client Denial of Service Vulnerability
Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. The Microsoft Server Message Block SMBv2/SMBv3 client is one of the clients that provides authentication for computers to access printers and file systems on the server. A denial of service...
Vulnerability in client (CVE-2018-1053)
pgupgrade creates file of sensitive metadata under prevailing umask...
Memory corruption vulnerability exists in Sohu Video 5 (CNVD-2017-35531)
Sohu Video 5 is a video player from Sohu. A memory corruption vulnerability exists in the Sohu Video 5 PC client when opening certain mov files, which can be exploited by attackers to cause a denial of service or code execution...
KDDI E hears about information leakage vulnerability in client side
E Hearing Client is a professional English learning software. An information leakage vulnerability exists in KDDI E Hearing Client, which allows an attacker to obtain test packets and leak copyrighted question files through the client...
CVE-2017-14429
The DHCP client on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices allows unauthenticated remote code execution as root because /etc/services/INET/inetipv4.php mishandles shell metacharacters, affecting generated files such as...
The vulnerability of the procedure related to the remote UIM client, the Android CAF-release operating system, allows a perpetrator to compromise the privacy, integrity, and accessibility of protected information.
The vulnerability of the process related to the remote UIM client in Android CAF-release builds is caused by buffer overflow. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
Oracle Agile PLM Remote Vulnerability (CNVD-2017-26392)
Oracle Supply Chain Products Suite is a set of supply chain solutions from Oracle, which provides value chain planning, value chain execution, product lifecycle management, etc. Oracle Agile PLM Product Lifecycle Management is one of the lifecycle management components. Oracle Agile PLM Product...
qemu-kvm security update
1.5.3-126.el73.10 - kvm-nbd-Fully-initialize-client-in-case-of-failed-negoti.patch bz1460179 - kvm-nbd-Fix-regression-on-resiliency-to-port-scan.patch bz1460179 - Resolves: bz1460179 CVE-2017-9524 qemu-kvm: Qemu: nbd: segmentation fault due to client non-negotiation rhel-7.3.z...
Fortinet FortiClient SSL_VPN for Linux Remote Code Execution Vulnerability
Fortinet FortiClient SSLVPN for Linux is a Linux-based VPN client for connecting to Fortinet devices. A remote code execution vulnerability exists in Fortinet FortiClient SSLVPN for Linux. An attacker can exploit this vulnerability to overwrite arbitrary files with FortiClient log files...
Cisco IOS DHCP Denial of Service Vulnerability
Cisco IOS is an operating system developed by Cisco for its network devices. A security vulnerability exists in the DHCP client implementation of Cisco IOS. A remote attacker can exploit this vulnerability to send specially crafted DHCP messages to conduct denial-of-service attacks...
QEMU 'nbd/client.c' Stack Buffer Overflow Vulnerability
QEMU aka Quick Emulator is a suite of analog processor software developed by French programmer Fabrice Bellard. QEMU suffers from a stack buffer overflow vulnerability that arises from the program's failure to perform sufficient boundary checks on user-supplied data before copying it to an...