The vulnerability of the `finish_nested_data` function in the PHP interpreter allows a attacker to potentially compromise the integrity of data.

The vulnerability of the finishnesteddata function in the PHP interpreter’s ext/standard/varunserializer.re module arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to potentially compromise the integrity of PHP dat...

PYSEC-2017-41

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups...

UBUNTU-CVE-2017-12962

There are memory leaks in LibSass 3.4.5 triggered by deeply nested code, such as code with a long sequence of open parenthesis characters, leading to a remote denial of service attack...

UBUNTU-CVE-2017-12933

The finishnesteddata function in ext/standard/varunserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP...

Debian DSA-3942-1 : supervisor - security update

Calum Hutton reported that the XML-RPC server in supervisor, a system for controlling process state, does not perform validation on requested XML-RPC methods, allowing an authenticated client to send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server a...

Debian: Security Advisory (DSA-3942-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Input validation

The bfdcacheclose function in bfd/cache.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because...

UBUNTU-CVE-2017-12448

The bfdcacheclose function in bfd/cache.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because...

CVE-2017-12448

The bfdcacheclose function in bfd/cache.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because...

DEBIAN-CVE-2017-12448

The bfdcacheclose function in bfd/cache.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because...

Kernel: kvm: nVMX: uncaught software exceptions in L1 guest leads to DoS

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to an uncaught exception issue. It could occur if an L2 guest was to throw an exception which is not handled by an L1 guest...

Kernel: kvm: page reference leakage in handle_vmon

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handlevmon'. An L1 guest user could use this flaw to leak host memory potentiall...

Kernel: kvm: nVMX: uncaught software exceptions in L1 guest leads to DoS

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to an uncaught exception issue. It could occur if an L2 guest was to throw an exception which is not handled by an L1 guest...

Kernel: kvm: page reference leakage in handle_vmon

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handlevmon'. An L1 guest user could use this flaw to leak host memory potentiall...

CVE-2017-9617

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion uncontrolled recursion in the dissectdaaponetag function in epan/dissectors/packet-daap.c in the DAAP dissector...

DEBIAN-CVE-2017-9617

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion uncontrolled recursion in the dissectdaaponetag function in epan/dissectors/packet-daap.c in the DAAP dissector...

CVE-2017-9617

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion uncontrolled recursion in the dissectdaaponetag function in epan/dissectors/packet-daap.c in the DAAP dissector...

Joomla! v3. 7 SQL injection high-risk vulnerability is a technical analysis of CVE-2017-8917-a vulnerability warning-the black bar safety net

comfields components loopholes, comfields Assembly is in 3. 7 version Added, if you use this version, will be affected and should be updated soon. This component publicly accessible, which means that any be able to access your site the user can initiate the attack. Vulnerability details ! From th...

Ad-LDAP-Enum - Active Directory LDAP Enumerator

ad-ldap-enum is a Python script that was developed to discover users and their group memberships from Active Directory. In large Active Directory environments, tools such as NBTEnum were not performing fast enough. By executing LDAP queries against a domain controller, ad-ldap-enum is able to...

Adobe Reader DC Nested Variables Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with XS...