16 matches found
EUVD-2021-33925
Malicious code in bioql PyPI...
Rizin 资源管理错误漏洞
Rizin is a free open source reverse engineering framework from the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensic tool, as a scriptable command-line hex editor capable of opening disk files, and more. Rizin suffers from a security...
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information
The multiple vulnerabilities in the linux-headers-2.6.26-2-all-hppa package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...
DSA-2114-1 git-core
Bulletin has no description...
[SECURITY] [DSA 2095-1] New lvm2 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2095-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano August 23, 2010 http://www.debian.org/security/faq -...
DSA-1839-1 gst-plugins-good0.10 - arbitrary code execution
Bulletin has no description...
Openswan和strongSwan DPD报文远程拒绝服务漏洞
BUGTRAQ ID: 34296 CVECAN ID: CVE-2009-0790 Openswan和strongSwan都是Linux系统下的IPSEC实现。 死亡对等体检测(DPD)是IPsec IKE通知消息,使用ICOOKIE/RCOOKIE机制将入站报文匹配到已知的安全关联(ISAKMP)。在一个端点的ISAKMP状态已过期但另一个端点仍在使用旧状态发送DPD通知的情况下,如果远程攻击者向Openswan和strongSwan发送了恶意的RUTHERE或 RUTHEREACK通知报文的话,就会在不存在的状态对象st上触发空指针引用,导致pluto IKE守护程序崩溃并重启。...
[SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1683-1 [email protected] http://www.debian.org/security/ Florian Weimer December 08, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1650-1] New openldap2.3 packags fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1650-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 12, 2008 http://www.debian.org/security/faq -...
Afuse afuse.c文件Shell命令注入漏洞
BUGTRAQ ID: 30245 CVECAN ID: CVE-2008-2232 Afuse是使用FUSE在用户域实现的自动加载文件系统。 Afuse没有正确地过滤文件名便将其用在了system调用中。如果能够读访问afuse文件系统的攻击者使用了类似于以下的路径的话: /path/";arbitrary command;" /path/arbitrary command 则从注册为Afuse加载的目录请求上述特制文件就会导致以提升的权限执行任意命令。 Jacob Bower Afuse 0.2 Debian ------...
[SECURITY] [DSA 1587-1] New mtr packages fix execution of arbitrary code
------------------------------------------------------------------------ Debian Security Advisory DSA-1587-1 [email protected] http://www.debian.org/security/ Steve Kemp May 26, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
Xpdf嵌入字体处理代码执行漏洞
BUGTRAQ ID: 28830 CVECAN ID: CVE-2008-1693 Xpdf是便携文档格式(PDF)文件的开放源码查看器。 Xpdf显示PDF文件中所嵌入的畸形字体的方式存在漏洞,攻击者可以创建恶意的PDF文件,如果打开了该文件就会导致Xpdf崩溃或执行任意指令。 Xpdf 3.x Debian ------ Debian已经为此发布了一个安全公告(DSA-1548-1)以及相应补丁: DSA-1548-1:New xpdf packages fix arbitrary code exitution...
[SECURITY] [DSA 1390-1] New t1lib packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1390-1 [email protected] http://www.debian.org/security/ Noah Meyerhans October 18, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 749-1] New ettercap packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA 749-1 [email protected] http://www.debian.org/security/ Michael Stone July 10, 2005 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
[SECURITY] [DSA 480-1] New Linux 2.4.17 and 2.4.18 packages fix local root exploit (hppa)
-------------------------------------------------------------------------- Debian Security Advisory DSA 480-1 [email protected] http://www.debian.org/security/ Martin Schulze April 14th, 2004 http://www.debian.org/security/faq -...
DSA-480 linux-kernel-2.4.17+2.4.18-hppa - several vulnerabilities
Bulletin has no description...