32 matches found
USN-7787-1 libxslt vulnerabilities
Ivan Fratric discovered that Libxslt did not correctly handle certain memory operations. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...
Mageia: Security Advisory (MGASA-2013-0349)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WebKitGTK+ Memory Corruption / Code Execution Vulnerability
Exploit for windows platform in category dos / poc ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2018-0004 ------------------------------------------------------------------------ Date reported : May 07, 2018 Advisory ID : WSA-2018-0004...
USN-3640-1: WebKitGTK+ vulnerability
Ivan Fratric discovered that WebKitGTK+ incorrectly handled certain web content. If a user were tricked into viewing a malicious website, a remote attacker could possibly exploit this to execute arbitrary code...
USN-3640-1 webkit2gtk vulnerability
Ivan Fratric discovered that WebKitGTK+ incorrectly handled certain web content. If a user were tricked into viewing a malicious website, a remote attacker could possibly exploit this to execute arbitrary code...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
WebKit FormSubmission::create Use-After-Free
WebKit: use-after-free in FormSubmission::create CVE-2017-2460 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on a nightly version of WebKit. The PoC has also been observed to crash Safari 10.0.2 on Mac. Please note: This bug is subject to a 90 day...
Apple WebKit - FormSubmission::create Use-After-Free Exploit
Exploit for multiple platform in category dos / poc function go object.name = "foo"; input.autofocus = true; output.appendChildinput; form.submit; function eventhandler forvar i=0;i a !-- ================================================================= Preliminary analysis: The bug is in...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...
RHEL 7 : firefox (RHSA-2017:0461)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2017:0461 advisory. Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.0 ESR. Security Fixes: Multiple flaws were found i...
Critical: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Vulnerability in OpenSSL - Invalid free in DTLS
This vulnerability does not affect current versions of OpenSSL. It existed in previous OpenSSL versions and was fixed in June 2014. If a DTLS peer receives application data between the ChangeCipherSpec and Finished messages, buffering of such data may cause an invalid free, resulting in a...
Updated python-dulwich packages fix security vulnerabilities
Updated python-dulwich package fixes security vulnerabilities: It was discovered that Dulwich allows writing to files under .git/ when checking out working trees. This could lead to the execution of arbitrary code with the privileges of the user running an application based on Dulwich...
Mandriva Linux Security Advisory : yaml (MDVSA-2015:060)
Updated yaml packages fix security vulnerabilities : Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially crafted tag that, when...
Vulnerability in OpenSSL - Information leak in pretty printing functions
A flaw in OBJobj2txt may cause pretty printing functions such as X509nameoneline, X509nameprintex, to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected. Found by...
Ubuntu Update for libyaml-libyaml-perl USN-2161-1
Check for the Version of libyaml-libyaml-perl OpenVAS Vulnerability Test $Id: gbubuntuUSN21611.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for libyaml-libyaml-perl USN-2161-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net Thi...
Ubuntu 12.04 LTS / 12.10 / 13.10 : libyaml vulnerability (USN-2160-1)
Ivan Fratric discovered that LibYAML incorrectly handled certain malformed YAML documents. An attacker could use this issue to cause LibYAML to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description...
Ubuntu 12.04 LTS / 12.10 / 13.10 : libyaml-libyaml-perl vulnerabilities (USN-2161-1)
Florian Weimer discovered that libyaml-libyaml-perl incorrectly handled certain large YAML documents. An attacker could use this issue to cause libyaml-libyaml-perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-6393 Ivan Fratric discovered that...
Important: Red Hat Security Advisory: ruby193-libyaml security update
Updated ruby193-libyaml packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...
USN-2161-1: libyaml-libyaml-perl vulnerabilities
Florian Weimer discovered that libyaml-libyaml-perl incorrectly handled certain large YAML documents. An attacker could use this issue to cause libyaml-libyaml-perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-6393 Ivan Fratric discovered that...