14 matches found
Soroban: Muxed address<->ScVal conversions may break after a conversion failure
Summary Soroban host ensures that MuxedAddress objects can't be used as storage keys in order to proactively prevent the contract logic bugs. However, due to a bug in Soroban host implementation, a failure in Val-ScVal conversion during the storage key computation will have the flag indicating th...
GHSA-PM4J-7R4Q-CCG8 Soroban: Muxed address<->ScVal conversions may break after a conversion failure
Summary Soroban host ensures that MuxedAddress objects can't be used as storage keys in order to proactively prevent the contract logic bugs. However, due to a bug in Soroban host implementation, a failure in Val-ScVal conversion during the storage key computation will have the flag indicating th...
EUVD-2015-7422
Malware in sbrugna...
resteasy: Error message exposes endpoint class information
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The...
resteasy: Error message exposes endpoint class information
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The...
resteasy: Error message exposes endpoint class information
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The...
resteasy: Error message exposes endpoint class information
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The...
SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:0223-1)
This update for samba fixes the following issues : Security issues fixed : CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing bsc1160888. CVE-2019-14902: Fixed an issue where automatic replication of ACLs down subtree on AD Directory is not workin...
SUSE-SU-2020:0152-1 Security update for samba
This update for samba fixes the following issues: - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing bsc1160888...
CVE-2015-7498
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure...
Memory corruption
The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...
CVE-2014-3493
The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...
CVE-2012-1947
Heap-based buffer overflow in the utf16toisolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a...
PostgreSQL Denial of Service Vulnerability (Linux)
This host is installed with PostgreSQL Server and is prone to denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: secpodpostgresqldosvulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ PostgreSQL Denial of Service Vulnerability Linux Authors: Sujit Ghosal Copyright: Copyright c 2009...