33 matches found
SUSE: Security Advisory (SUSE-SU-2015:0758-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM Tivoli Storage Manager Operations Center 缓冲区错误漏洞
A buffer overflow vulnerability exists in IBM Tivoli Storage Manager Operations Center, a next-generation simplified backup management solution from IBM USA, which can be exploited in The vulnerability can be exploited in "interactive" mode and cannot be exploited in batch or command line use due...
CVE-2019-17634
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting XSS vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump coul...
Security update for gitolite (moderate)
This update for gitolite fixes the following issues: Gitolite was updated to 3.6.9: - CVE-2018-16976: prevent racy access to repos in process of migration to gitolite boo1108272 - 'info' learns new '-p' option to show only physical repos as opposed to wild repos The update to 3.6.8 contains: - fi...
[SECURITY] Fedora 27 Update: gifsicle-1.91-1.fc27
Gifsicle is a command-line tool for creating, editing, and getting information about GIF images and animations. Some more gifsicle features: Batch mode for changing GIFs in place. Prints detailed information about GIFs, including comments. Control over interlacing, comments, looping,...
reversemap - Analyse SQL injection attempts in web server logs
Analyse SQL injection attempts in web server logs The program can either be run in batch mode or interactive mode. In batch mode the program will accept Apache web server logs and will deobfuscate requested URLs from the logs. In interactive mode the program will prompt for user input and will...
Updated zookeeper packages fix security vulnerability
Lyon Yang discovered that the C client shells clist and climt of Apache Zookeeper were affected by a buffer overflow vulnerability associated with parsing of the input command when using the "cmd:" batch mode syntax. If the command string exceeds 1024 characters a buffer overflow will occur...
DEBIAN-CVE-2016-5017
Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string...
UBUNTU-CVE-2016-5017
Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string...
PT-2016-3454 · Apache +2 · Apache Zookeeper +2
Name of the Vulnerable Software and Affected Versions: Apache Zookeeper versions 3.4.9 and earlier, 3.5.x before 3.5.3 Description: The issue is related to a buffer overflow in the C cli shell of Apache Zookeeper when using the "cmd:" batch mode syntax. This can allow attackers to have an impact ...
[Peepdf] PDF Analysis and Creation/Modification Tool
peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible ...
USN-389-1: GnuPG vulnerability
A buffer overflow was discovered in GnuPG. By tricking a user into running gpg interactively on a specially crafted message, an attacker could execute arbitrary code with the user's privileges. This vulnerability is not exposed when running gpg in batch mode...
GnuPG format string vulnerability in do_get() in ttyio.c while prompting for a new filename
Overview There is a format string vulnerability in GNU Privacy Guard. By sending a GPG message with a carefully crafted malicious filename, an attacker may be able to execute arbitrary code as the user who decrypts the message. Description GNU Privacy Guard GPG is a free, RFC2440 compliant...