Astra Linux - уязвимость в ntp

In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when adding a decimal point. An adversary may be able to attack a client’s ntpq process, but they cannot attack the ntpd process...

CVE-2025-61932

Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...

CVE-2025-61932

Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...

CVE-2025-61932

Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...

CVE-2025-61932

Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...

PT-2025-42750

Name of the Vulnerable Software and Affected Versions Lanscope Endpoint Manager versions 9.4.7.1 and earlier Motex LANSCOPE Endpoint Manager versions 9.4.7.2 and earlier Description Lanscope Endpoint Manager Client program and Detection agent has a flaw in how it verifies the source of incoming...

xmlrpc-c security update

An update is available for xmlrpc-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list XML-RPC is a remote procedure call RPC protocol that uses XML to encode its...

DEBIAN-CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

JVN#18056666: Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries

Installer of MagicConnect Client program provided by NTT TechnoCross Corporation contains a vulnerability which may lead to insecurely loading Dynamic Link Libraries CWE-427 when a terminal is connected remotely using Remote desktop. Impact Arbitrary code may be executed with the privilege of the...

[SECURITY] Fedora 30 Update: libpq-11.4-1.fc30

The libpq package provides the essential shared library for any PostgreSQL client program or interface. You will need to install this package to use any other PostgreSQL package or any clients that need to connect to a PostgreSQL server...

Evaluating the GCHQ Exceptional Access Proposal

The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI -- and some of their peer agencies in the UK, Australia, and elsewhere -- argue that the pervasive use of civilian encryption is hampering their ability to solve crimes and that they need the tech companies to make...

Pop Under Ads Network 1.0 MySQL Credential Disclosure

| Title : pop under ads network v1.0 MySQL connection credentials Vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 8.1 FranASSais V.Pro | Version : 1.0 | Vendor : http://dl.20script.ir/script/ads/20S-pop-under-ads-network-v1.0www.20script.ir.zip...

MGASA-2016-0289 Updated postgresql packages fix security vulnerability

It was discovered that certain SQL statements containing CASE/WHEN commands could crash the PostgreSQL server, or disclose a few bytes of server memory, potentially leading to arbitrary code execution CVE-2016-5423. It was found that PostgreSQL client programs mishandle database and role names...

CVE-2009-1472

The Java client program for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 has a hardcoded AES encryption key, which makes it easier for man-in-the-middle attackers to 1 execute arbitrary Java code, or 2 gain access to machines connected to...

CVE-2003-0538

The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program...

CVE-2003-0538

The mailcap configuration in mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, allowing remote attackers to execute arbitrary Oz programs in a MIME-aware client. Impact is arbitrary code execution under the user running the MIME client; affected: mozart with mail...

KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely

Overview The environment variables krb4proxy and KRBCONFDIR may be respected by client programs such as login or su, in such a way that local or remote intruders can cause the client program to accept authentication requests from a malicious KDC. The vulnerabilites may be exploited remotely by...

Kuang2 the Virus Detection

Kuang2 the Virus was found. Kuang2 the Virus is a program that infects all the executables on the system, as well as set up a server that allows the remote control of the computer. The client program allows files to be browsed, uploaded, downloaded, hidden, etc on the infected machine. The client...