1065 matches found
Beware! Playing Untrusted Videos On VLC Player Could Hack Your Computer
If you use VLC media player on your computer and haven't updated it recently, don't you even dare to play any untrusted, randomly downloaded video file on it. Doing so could allow hackers to remotely take full control over your computer system. That's because VLC media player software versions...
DSA-4467-1 vim - security update
Bulletin has no description...
OPENSUSE-SU-2019:1530-1 Security update for libpng16
This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when pngimagefree was called under pngsafeexecute bsc1124211. - CVE-2018-13785: Fixed a wrong calculation of rowfactor in the pngcheckchunklength function i...
Multiple vulnerabilities in Joruri Mail
Overview Joruri Mail provided by SiteBridge Inc. contains multiple vulnerabilities listed below. Open Redirect CWE-601 - CVE-2019-5965 Session Management CWE-639 - CVE-2019-5966 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated...
DLA-1815-1 poppler - security update
Bulletin has no description...
GHSA-M8FW-534V-XM85 Cross-Site Scripting (XSS) in cloudcmd
Versions of cloudcmd before 9.1.6 are vulnerable to cross-site scripting XSS when listing files in a directory. The attacker must control the name of a file for this vulnerability to be exploitable. Recommendation Update to version 9.1.6 or later...
DLA-1810-1 tomcat7 - security update
Bulletin has no description...
GHSA-5F7M-MMPC-QHH4 mysql Node.JS Module Vulnerable to Remote Memory Exposure
Versions of mysql before 2.14.0 are vulnerable to remove memory exposure. Affected versions of mysql package allocate and send an uninitialized memory over the network when a number is provided as a password. Only mysql running on Node.js versions below 6.0.0 are affected due to a throw added in...
DLA-1785-1 imagemagick - security update
Bulletin has no description...
DLA-1783-1 atftp - security update
Bulletin has no description...
JVN#69903953: Electronic reception and examination of application for radio licenses Offline may insecurely load Dynamic Link Libraries
Electronic reception and examination of application for radio licenses Offline contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileges of the running software. Solution Update the...
DSA-4440-1 bind9 - security update
Bulletin has no description...
DLA-1777-1 jquery - security update
Bulletin has no description...
DLA-1778-1 symfony - security update
Bulletin has no description...
DLA-1772-1 libvirt - security update
Bulletin has no description...
DLA-1754-1 samba - security update
Bulletin has no description...
DSA-4428-1 systemd - security update
Bulletin has no description...
OPENSUSE-SU-2019:1147-1 Security update for openssl-1_1
This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues: Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Other issues addressed: - Fixed a segfault in...
DLA-1737-1 pdns - security update
Bulletin has no description...
DLA-1734-1 libraw - security update
Bulletin has no description...