4371 matches found
CVE-2018-5189
CVE-2018-5189 affects Jungo Windriver 12.5.1. A race condition (double-fetch) in a Windriver IOCTL handler allows local users to overflow a pool buffer, potentially causing denial of service or privilege escalation to SYSTEM. Exploitation demonstrated via kernel pool spraying and a crafted Event ...
DEBIAN-CVE-2017-1000480
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...
CVE-2017-1000480
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...
Code injection
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...
CVE-2017-1000480
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...
UBUNTU-CVE-2017-1000480
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...
CVE-2017-1000480
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...
CVE-2017-1000480
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...
Ed: Fix for self-DoS in Security-txt Chrome Extension.
@sp1d3rs found a self-DoS vulnerability in the Security-txt Chrome Extension. He was also kind enough to provide a fix wich you can find on GitHub. We merged @sp1d3rs' fix when he submitted a PR. We later decided that it was better to stop using XHR and use Fetch instead, a newer API. This was th...
curl security update
7.29.0-42.el74.1 - fix buffer overflow while processing IMAP FETCH response CVE-2017-1000257...
ALPINE-CVE-2017-8807
vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...
UBUNTU-CVE-2017-8807
vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...
DEBIAN-CVE-2017-1000257
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...
Heap overflow
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...
CVE-2017-1000257
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...
CVE-2017-1000257
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...
CVE-2017-1000257
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...
CVE-2017-1000257
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...
Exitmap - A Fast and Modular Scanner for TOR Exit Relays
Exitmap is a fast and modular Python-based scanner for Tor exit relays. Exitmap modules implement tasks that are run over a subset of all exit relays. If you have a background in functional programming, think of exitmap as a map interface for Tor exit relays: Modules can perform any TCP-based...
[SECURITY] [DSA 4007-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4007-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini October 27, 2017 https://www.debian.org/security/faq -...