squid: Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record

The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service daemon abort via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record...

security flaw

Buffer overflow in the X render Xrender extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service crash, as demonstrated by the 1 XRenderCompositeTriStrip and 2 XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory...

Important: Red Hat Security Advisory: samba security update

Updated samba packages that fix various security vulnerabilities are now available. Samba provides file and printer sharing services to SMB/CIFS clients. During a code audit, Stefan Esser discovered a buffer overflow in Samba versions prior to 3.0.8 when handling unicode filenames. An authenticat...

Debian DSA-303-1 : mysql - privilege escalation

CAN-2003-0073: The mysql package contains a bug whereby dynamically allocated memory is freed more than once, which could be deliberately triggered by an attacker to cause a crash, resulting in a denial of service condition. In order to exploit this vulnerability, a valid username and password...

DSA-303 mysql - privilege escalation

Bulletin has no description...

Signed/unsigned conversion bug in OpenBSD select() call

By passing negative argument to select function it's possible to overwrite the fragment of kernel memory...