1077 matches found
SQLite Denial of Service Vulnerability (CNVD-2015-02748)
SQLite is an open source C-based embedded relational database management system developed by American software developer D. Richard Hipp. The system is characterized by independence, isolation, cross-platform and so on. A security vulnerability exists in the 'sqlite3VXPrintf' function in the...
DEBIAN-CVE-2015-3416
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overflow or possibly have unspecifie...
CVE-2015-3416
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overflow or possibly have unspecifie...
UBUNTU-CVE-2015-3416
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overflow or possibly have unspecifie...
[SECURITY] Fedora 20 Update: mpfr-3.1.2-5.fc20
The MPFR library is a C library for multiple-precision floating-point computations with "correct rounding". The MPFR is efficient and also has a well-defined semantics. It copies the good ideas from the ANSI/IEEE-754 standard for double-precision floating-point arithmetic 53-bit mantissa. MPFR is...
[SECURITY] Fedora 21 Update: mpfr-3.1.2-8.fc21
The MPFR library is a C library for multiple-precision floating-point computations with "correct rounding". The MPFR is efficient and also has a well-defined semantics. It copies the good ideas from the ANSI/IEEE-754 standard for double-precision floating-point arithmetic 53-bit mantissa. MPFR is...
CVE-2013-4539
Multiple buffer overflows in the tsc210xload function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted 1 precision, 2 nextprecision, 3 function, or 4 nextfunction value in a savevm image...
Verizon Wireless Injects Identifiers to Track Mobile Customers’ Online Activities
The Nation's largest telecom operator 'Verizon Wireless' is tracking its customers' mobile internet traffic by adding a token to Web requests traveling over its network, in order to facilitate targeted advertising even if a user has opted out of their Customer Proprietary Network Information CPNI...
qemu: hpet: buffer overrun on invalid state load
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...
DEBIAN-CVE-2014-5251
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
PYSEC-2014-107
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
Code injection
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
PYSEC-2014-107
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
CVE-2014-5251
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
UBUNTU-CVE-2014-5251
The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...
qemu: hpet: buffer overrun on invalid state load
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...
Monsanto Suffers Data Breach at Precision Planting Unit
Monsanto, the massive international agricultural conglomerate, has disclosed a data breach that involved the personal information of customers and employees of its Precision Planting subsidiary. The breach included names, addresses, possibly Social Security numbers and some financial account...
DotItYourself 6.11.060830 Command Execution
Remote Comand Execution on DotItYourself + Date: 26/03/2014 + Risk: High + Author: Felipe Andrian Peixoto + Contact: [email protected] + Tested on Windows 7 and Linux + Software info : https://www.precisionwebhosting.com/cgi.htm + Vulnerable File: dot-it-yourself.cgi + Version : Version...
array index error in dtoa implementation of many products
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
array index error in dtoa implementation of many products
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...