98 matches found
LIVE555 Memory Leak Vulnerability
LIVE555 is a set of open source C++ libraries for multimedia streaming. LIVE555 suffers from a memory leak vulnerability. The vulnerability stems from because when multiple instances of a single field username, realm, nonce, uri, or response exist, only the last instance can be freed. An attacker...
CVE-2019-7659
Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service application abort or possibly have unspecified other impact if a server application is built with the -DWITHCOOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ librarie...
[SECURITY] Fedora 29 Update: nekovm-2.2.0-8.fc29
Neko is a high-level dynamically typed programming language which can also be used as an embedded scripting language. It has been designed to provide a common run-time for several different languages. Neko is not only very easy to learn and use, but also has the flexibility of being able to exten...
[SECURITY] Fedora 27 Update: boost-1.64.0-6.fc27
Boost provides free peer-reviewed portable C++ source libraries. The emphasis is on libraries which work well with the C++ Standard Library, in the hopes of establishing "existing practice" for extensions and providing reference implementations so that the Boost libraries are suitable for eventua...
[SECURITY] Fedora 26 Update: poco-1.7.8p3-3.fc26
The POCO C++ Libraries POCO stands for POrtable COmponents are open source C++ class libraries that simplify and accelerate the development of network-centric, portable applications in C++. The POCO C++ Libraries are built strictly on standard ANSI/ISO C++, including the standard library...
[SECURITY] Fedora 27 Update: poco-1.7.8p3-3.fc27
The POCO C++ Libraries POCO stands for POrtable COmponents are open source C++ class libraries that simplify and accelerate the development of network-centric, portable applications in C++. The POCO C++ Libraries are built strictly on standard ANSI/ISO C++, including the standard library...
CVE-2017-1000472
The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...
CVE-2017-1000472
The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...
CVE-2017-1000472
The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...
CVE-2017-1000472
POCO C++ Libraries prior to 1.8 contain a ZIP path-validation flaw in ZipCommon::isValidPath() that can allow absolute path traversal during ZIP decompression, potentially enabling creation or overwriting of arbitrary files via a crafted ZIP file. Reports across multiple distributions (Debian, Fe...
CVE-2017-1000472
The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...
CVE-2017-1000472
The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...
RedHat Update for glibc RHSA-2017:1916-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Wube Factorio Security Bypass Vulnerability
Wube Factorio Alien Factory is a factory construction game from Wube Software, Czech Republic. A security vulnerability exists in the Lua interface in versions of Wube Factorio prior to 0.15.31. A remote attacker can exploit this vulnerability by including and loading C libraries to bypass the...
Linux Kernel 4.6.3 Netfilter Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Linux Kernel 4.6.3 Netfilter Privilege Escalation', 'Description' = %q This module attempts to exploit a netfilter bug on Linux...
[SECURITY] Fedora 23 Update: poco-1.4.2p1-3.fc23
The POCO C++ Libraries POCO stands for POrtable COmponents are open source C++ class libraries that simplify and accelerate the development of network-centric, portable applications in C++. The POCO C++ Libraries are built strictly on standard ANSI/ISO C++, including the standard library...
[SECURITY] Fedora 22 Update: poco-1.4.2p1-3.fc22
The POCO C++ Libraries POCO stands for POrtable COmponents are open source C++ class libraries that simplify and accelerate the development of network-centric, portable applications in C++. The POCO C++ Libraries are built strictly on standard ANSI/ISO C++, including the standard library...
CentOS 7 : glibc (CESA-2015:2199)
Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
RedHat Update for glibc RHSA-2014:1391-02
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 20 Update: mingw-icu-50.1.2-3.fc20
ICU is a set of C and C++ libraries that provides robust and full-featured Unicode and locale support. The library provides calendar support, conversions for many character sets, language sensitive collation, date and time formatting, support for many locales, message catalogs and resources,...