7722 matches found
[SECURITY] Fedora 29 Update: keepalived-2.0.10-1.fc29
Keepalived provides simple and robust facilities for load balancing and high availability to Linux system and Linux based infrastructures. The load balancing framework relies on well-known and widely used Linux Virtual Server IPVS kernel module providing Layer4 load balancing. Keepalived implemen...
LibRaw 'LibRaw::panasonic_load_raw()' function heap buffer overflow vulnerability
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A heap buffer overflow vulnerability exists in the 'LibRaw::panasonicloadraw' function in the dcrawcommon.cpp file in LibRaw versions prior to 0.18.6. A remote attacker can...
LibRaw 'samsung_load_raw()' function memory out-of-bounds read vulnerability
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A security vulnerability exists in the 'samsungloadraw' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.9. A remote attacker can exploit this...
Ruby: The taint flag is not propagated at JSON.parse
Vulnerability description not provided...
CVE-2018-5812
An error within the "nikoncoolscanloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference...
DEBIAN-CVE-2018-5810
An error within the "rolleiloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...
DEBIAN-CVE-2018-5800
An off-by-one error within the "LibRaw::kodakycbcrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...
UBUNTU-CVE-2018-5806
An error within the "leafhdrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference...
DEBIAN-CVE-2018-5802
An error within the "kodakradcloadraw" function internal/dcrawcommon.cpp related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash...
DEBIAN-CVE-2017-16909
An error related to the "LibRaw::panasonicloadraw" function dcrawcommon.cpp in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image...
DEBIAN-CVE-2018-5805
A boundary error within the "quicktake100loadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash...
DEBIAN-CVE-2018-5807
An error within the "samsungloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash...
CVE-2018-5812
An error within the "nikoncoolscanloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference...
Valve: Malformed save files (.sav) allow to write files with arbitrary extensions and content in GoldSrc-based games.
The structure of the save file implies unpacking of temporary files with extensions .HL1, .HL2 and .HL3. In the code of command 'load', there is a check for invalid substrings, such as .., so unpacking the files into the top directories will not work. Also, it seems, there is a code for checking...
UBUNTU-CVE-2018-19756
There is a heap-based buffer over-read at stbimage.h function: stbitgaload in libsixel 1.8.2 that will cause a denial of service...
StoreFront Loopback Feature analysis when configuring Base URL for load balance
In previous versions of StoreFront such as 2.6 or older, Citrix recommended that you manually modify the hosts file on each StoreFront server to map the fully qualified domain name FQDN of the load balancer to the loopback address or the IP address of the specific StoreFront server. This ensures...
Heap overflow
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...
DEBIAN-CVE-2018-12121
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...
ALPINE-CVE-2018-12121
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...
CVE-2018-12121
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...