612 matches found
Wireshark ui/failure_message.c file memory leak vulnerability
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the ui/failuremessage.c file in Wireshark versions...
Wireshark epan/dissectors/packet-isup.c file memory leak vulnerability
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the epan/dissectors/packet-isup.c file in Wireshark...
Jenkins Mercurial Plugin Security Bypass Vulnerability
Jenkins is an open source software project , is based on Java development of a continuous integration tool . A security vulnerability exists in the MercurialStatus.java file in Jenkins Mercurial Plugin 2.2 and earlier versions. An attacker can exploit the vulnerability to obtain a list of nodes a...
Code execution vulnerability in LaySNS v2.2.0 System.php page
LaySNS Light Community is a comprehensive website system based on ThinkPHP5+LayUI that integrates content publishing and community exchange. A code execution vulnerability exists in the program implementation of the LaySNS v2.2.0 System.php page, which is due to the system's failure to strictly...
Wireshark FCP Protocol Parser Denial of Service Vulnerability
Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.FCP protocol dissector is one of the FCP mesh channel protocol parsers. A securi...
DEBIAN-CVE-2018-7332
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length...
UBUNTU-CVE-2018-7322
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound...
DEBIAN-CVE-2017-10869
Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors...
IBM Sterling File Gateway Security Bypass Vulnerability
IBM Sterling File Gateway is a suite of file transfer software from IBM in the United States. The software integrates different centers of file transfer activity and facilitates the secure exchange of file-based data over the Internet. A security bypass vulnerability exists in IBM Sterling File...
IBM Sterling File Gateway Cross-Site Scripting Vulnerability
IBM Sterling File Gateway is a suite of file transfer software from IBM in the United States. The software integrates different centers of file transfer activity and facilitates the secure exchange of file-based data over the Internet. A cross-site scripting vulnerability exists in IBM Sterling...
DEBIAN-CVE-2017-15193
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach...
YADIFA DNS Packet Parser Denial of Service Vulnerability
YADIFA is a lightweight authoritative name server with DNSSEC capabilities.DNS packet parser is one of the Domain Name System DNS resolvers. A security vulnerability exists in the DNS packet parser in versions of YADIFA prior to 2.2.6, which stems from the program failing to detect the presence o...
ALPINE-CVE-2017-14164
A size-validation issue was discovered in opjj2kwritesot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service heap-based buffer overflow affecting opjwritebytesLE in lib/openjp2/cio.c or possibly remote code execution...
OpenJPEG heap buffer overflow vulnerability (CNVD-2017-24325)
OpenJPEG is a C-based open source JPEG 2000 codec . A heap buffer overflow vulnerability exists in the 'opjmqcbyteout' function of the mqc.c file in versions of OpenJPEG prior to 2.2.0. A remote attacker can exploit this vulnerability to cause a denial of service application crash with the help o...
DEBIAN-CVE-2016-10507
Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted bmp file...
ALPINE-CVE-2017-11408
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection...
FreeRADIUS Denial of Service Vulnerability (CNVD-2017-16975)
FreeRADIUS is a set of software that implements the RADIUS protocol from the FreeRADIUS Server project. The software is mainly used for account authentication management, bookkeeping management and Internet account management, etc. and contains a Radius server, a client library for BSD protocol...
CVE-2017-6725
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. More Information: CSCuw65833 CSCuw65837. Known Affected Releases: 2.22...
VulnCheck KEV: CVE-2003-0127
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel...
UBUNTU-CVE-2017-7758
An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...