72 matches found
CVE-2018-19204
PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker with read-write privileges to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport' is mishandled. The attacker can...
Debian: Security Advisory (DSA-4328-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2018-0371 Updated ntp packages fix security vulnerability
Updated ntp packages fix security vulnerability: Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter CVE-2018-12327...
CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
Stack overflow
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
Stack overflow
An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...
CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
UBUNTU-CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
DEBIAN-CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
CVE-2018-12327
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which nt...
CVE-2018-12327
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which nt...
CVE-2018-12327
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which nt...
ALPINE-CVE-2016-9634
Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via the startline parameter...
MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015
MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015 Summary This security update helps resolve an information disclosure vulnerability in Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability, an attacker would first hav...
GStreamer Good Plug-ins start_line parameter write buffer overflow vulnerability
GStreamer is a multimedia framework for creating streaming applications in the GNOME desktop environment. A buffer overflow vulnerability exists in GStreamer Good Plug-ins. An attacker could exploit the vulnerability to execute arbitrary code in the context of a user running the affected...
rhscon-ceph: password leak by command line parameter
A flaw was found in the way authentication details were passed between rhscon-ceph and rhscon-core. An authenticated, local attacker could use this flaw to recover the cleartext password...
Locky is Back Asking for Unpaid Debts
On June 21, 2016, FireEye’s Dynamic Threat Intelligence DTI identified an increase in JavaScript contained within spam emails. FireEye analysts determined the increase was the result of a new Locky ransomware spam campaign. As shown in Figure 1, Locky spam activity was uninterrupted until June 1,...
CVE-2015-2423
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2,...