3660 matches found
[SECURITY] Fedora 23 Update: openvpn-2.3.11-1.fc23
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...
[SECURITY] Fedora 24 Update: openvpn-2.3.11-1.fc24
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...
7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0093 7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability May 10, 2016 CVE Number CVE-2016-2334 DESCRIPTION An exploitable heap overflow vulnerability exists in the NArchive::NHfs::CHandler::ExtractZlibFile method functionality of...
SUSE SLED12 Security Update : python-tornado (SUSE-SU-2016:1195-1)
The python-tornado module was updated to version 4.2.1, which brings several fixes, enhancements and new features. The following security issues have been fixed : - A path traversal vulnerability in StaticFileHandler, in which files whose names started with the staticpath directory but were not...
libgd 2.1.1 - Signedness Heap Overflow
Exploit for linux platform in category remote exploits Overview ======== libgd 1 is an open-source image library. It is perhaps primarily used by the PHP project. It has been bundled with the default installation of PHP since version 4.3 2. A signedness vulnerability CVE-2016-3074 exist in libgd...
WordPress <= 4.4.2 - Script Compression Option CSRF
...
BREACH exploits from Gmail, Facebook, steal sensitive information-vulnerability warning-the black bar safety net
2 0 1 3 summer,two researchers found that the use of and continue to attack Gmail and Facebook chat sessions flow a new method,that is, BREACH exploits,and before that,such attacks never walk into people's line of sight. ! Late last week,the study in Singapore, the Asia black hat conference is...
BREACH Revived to Steal Private Messages from Gmail, Facebook
The BREACH attack hasn’t been top of mind since the summer of 2013, but two researchers have found new ways to exploit and persistently attack traffic, including Gmail and Facebook chat sessions. The research was shared late last week in Singapore at Black Hat Asia where Dimitris Karakostas of th...
[SECURITY] Fedora 22 Update: vtun-3.0.3-15.fc22
VTun provides a method for creating Virtual Tunnels over TCP/IP networks and allows one to shape, compress, and encrypt traffic in those tunnels. Supported types of tunnels are: PPP, IP, Ethernet and most other serial protocols and programs. VTun is easily and highly configurable: it can be used...
[SECURITY] Fedora 24 Update: vtun-3.0.3-15.fc24
VTun provides a method for creating Virtual Tunnels over TCP/IP networks and allows one to shape, compress, and encrypt traffic in those tunnels. Supported types of tunnels are: PPP, IP, Ethernet and most other serial protocols and programs. VTun is easily and highly configurable: it can be used...
CVE-2016-1968
Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via crafted data with brotli compression...
CVE-2016-1624
Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via crafted data with brotli compression...
Integer overflow
Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via crafted data with brotli compression...
CVE-2016-1624
Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via crafted data with brotli compression...
CVE-2016-1624
Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via crafted data with brotli compression...
libtiff denial of service vulnerability (CNVD-2016-01057)
LibTiff is a library for reading and writing TIFF Tagged Image File Format files. The library contains some command line tools for working with TIFF files. A security vulnerability exists in LibTiff's tifluv.c file that stems from the presence of invalid 'sample/pixel' values in TIFF image...
DEBIAN-CVE-2015-8781
tifluv.c in libtiff allows attackers to cause a denial of service out-of-bounds write via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782...
UBUNTU-CVE-2015-8781
tifluv.c in libtiff allows attackers to cause a denial of service out-of-bounds write via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782...
CVE-2016-1931
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data...
Memory corruption
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data...