9063 matches found
CVE-2017-11079
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size...
Microsoft Edge Chakra asm.js Out-of-Bounds Read Exploit
Exploit for windows platform in category dos / poc / Here's a snippet of AsmJSByteCodeGenerator::EmitAsmJsFunctionBody. AsmJsVar initSource = nullptr; if decl-sxVar.pnodeInit-nop == knopName AsmJsSymbol initSym = mCompiler-LookupIdentifierdecl-sxVar.pnodeInit-name, mFunction; if...
CVE-2017-17704
A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569 when used in conjunction with the IP-ACM Ethernet Door Module. The communications between the IP-ACM and the iStar Ultra is encrypted using a fixed AES key and IV. Each message is encrypted in CBC mode...
Scientific Linux Security Update : postgresql on SL7.x x86_64 (20171219)
Security Fixes : - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. CVE-2017-12172, CVE-2017-15097 Note: This patch drops the script privileges...
EulerOS 2.0 SP2 : postgresql (EulerOS-SA-2017-1341)
According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account coul...
Buffer overflow
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc0x100, "This is not correctly encoded", "hex";' The buffer implementation was updated such that the buffer will...
ALPINE-CVE-2017-15897
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc0x100, "This is not correctly encoded", "hex";' The buffer implementation was updated such that the buffer will...
CVE-2017-15897
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc0x100, "This is not correctly encoded", "hex";' The buffer implementation was updated such that the buffer will...
CVE-2017-15897
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc0x100, "This is not correctly encoded", "hex";' The buffer implementation was updated such that the buffer will...
PT-2017-14275 · Node.Js +1 · Node.Js +1
Name of the Vulnerable Software and Affected Versions: Node.js versions 8.X through 9.X Description: The issue arises when the encoding for the fill value does not match the encoding specified, causing buffers to not be initialized correctly. For example, 'Buffer.alloc0x100, "This is not correctl...
CentOS Update for postgresql CESA-2017:3402 centos7
Check the version of postgresql SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882819";...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
Moderate: Red Hat Security Advisory: rh-postgresql94-postgresql security update
An update for rh-postgresql94-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
PT-2018-5763 · Red Hat +1 · Postgresql +2
Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root acces...
node.js -- Data Confidentiality/Integrity Vulnerability, December 2017
Node.js reports: Data Confidentiality/Integrity Vulnerability - CVE-2017-15896 Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSLread due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the...