3981 matches found
openSUSE: Security Advisory for mercurial (openSUSE-SU-2016:1016-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2016-2191
The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image...
Security update for mercurial (important)
mercurial was updated to fix three security issues. These security issues were fixed: - CVE-2016-3069: Arbitrary code execution when converting Git repos bsc973176. - CVE-2016-3068: Arbitrary code execution with Git subrepos bsc973177. - CVE-2016-3630: Remote code execution in binary delta decodi...
Debian DSA-3542-1 : mercurial - security update
Several vulnerabilities have been discovered in Mercurial, a distributed version control system. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2016-3068 Blake Burkhart discovered that Mercurial allows URLs for Git subrepositories that could result in...
mercurial: arbitrary code execution
CVE-2016-3068 arbitrary code execution It was reported that in mercurial, there is similar vulnerability as CVE-2015-7545 in git. Git's git-remote-ext remote helper provides an ext:: URL scheme that allows running arbitrary shell commands. Mercurial allows specifying git repositories as...
Optipng Denial of Service Vulnerability
OptiPNG is a set of tools for lossless compression of images. A security vulnerability exists in OptiPNG versions prior to 0.7.6, which stems from the program failing to perform a bounds check for increasing or decreasing 'crtrow' values when processing delta escape characters for bitmap images. ...
[SECURITY] [DSA 3542-1] mercurial security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3542-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 05, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3542-1 (mercurial - security update)
Several vulnerabilities have been discovered in Mercurial, a distributed version control system. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-3068 Blake Burkhart discovered that Mercurial allows URLs for Git subrepositories that could result in...
optipng: arbitrary code execution
An invalid write may occur in optipng before version 0.7.6 while processing bitmap images due to crtrow' being inc|decremented without any boundary checking when encountering delta escapes. This issue can possibly be used to execute arbitrary code...
Fly Delta - Customized SSL, MIT license, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Fly Delta published at the 'play' market has multiple vulnerabilities...
Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow
Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow !/usr/bin/env python Delta Industrial Automation DCISoft 1.12.09 Stack Buffer Overflow Exploit Vendor: Delta Electronics, Inc. Product web page: http://www.delta.com.tw Software link:...
Delta Industrial Automation DCISoft 1.12.09 - Stack Buffer Overflow
Exploit for windows platform in category local exploits !/usr/bin/env python Delta Industrial Automation DCISoft 1.12.09 Stack Buffer Overflow Exploit Vendor: Delta Electronics, Inc. Product web page: http://www.delta.com.tw Software link:...
Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow
!/usr/bin/env python Delta Industrial Automation DCISoft 1.12.09 Stack Buffer Overflow Exploit Vendor: Delta Electronics, Inc. Product web page: http://www.delta.com.tw Software link: http://www.delta.com.tw/product/em/download/downloadmain.asp?act=3&pid=3&cid=5&tpid=3 Affected version: 1.12.09...
Delta Industrial Automation DCISoft 1.12.09 Stack Buffer Overflow
!/usr/bin/env python Delta Industrial Automation DCISoft 1.12.09 Stack Buffer Overflow Exploit Vendor: Delta Electronics, Inc. Product web page: http://www.delta.com.tw Software link: http://www.delta.com.tw/product/em/download/downloadmain.asp?act=3&pid=3&cid=5&tpid=3 Affected version: 1.12.09...
Delta Industrial Automation DCISoft 1.12.09 Stack Buffer Overflow Exploit
Summary DCISoft is a integrated configuration tool of Delta network modules DVPEN01-SL, RTU-EN01, IFD9506, IFD9507, DVPSCM12-SL, DVPSCM52-SL for WINDOWS operation system. Description The vulnerability is caused due to a boundary error in the processing of a project file, which can be exploited to...
Netgear RP614v3 Authentication Bypass
Vendor : NETGEAR Product : RP614v3 informed on : 12. 10. 2015 responded : no fixed : no Effect : Remotely exploitable over LAN/WLAN Typ : Authentication Bypass Difficulty : trivial The N300 FW authentication bypass inspired me to check my rp614v3 router and I found this bypass: Firmware:...
Automate Vulnerability Scanning: Seccubus
Seccubus automates regular vulnerability scans with vrious tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. The goal is to reduce the analysis time for subsequent scans of the same infrastructure by only reporting delta findings...
CVE-2015-0838
Dulwich (Python Git library) is affected by a buffer overflow in the C implementation of apply_delta in _pack.c, impacting versions before 0.9.9 and enabling remote code execution via a crafted pack file. Mitigation: upgrade to Dulwich 0.9.9+ (e.g., 0.10.0 per Mageia advisory) or apply provided s...
PT-2015-4907 · Dulwich · Dulwich
Name of the Vulnerable Software and Affected Versions: Dulwich versions prior to 0.9.9 Description: The issue is related to a buffer overflow in the C implementation of the apply delta function in pack.c. This allows remote attackers to execute arbitrary code via a crafted pack file...
[SECURITY] Fedora 20 Update: librsync-1.0.0-1.fc20
librsync implements the "rsync" algorithm, which allows remote differencing of binary files. librsync computes a delta relative to a file's checksum, so the two files need not both be present to generate a delta. This library was previously known as libhsync up to version 0.9.0. The current versi...