455 matches found
USN-2451-1: cgmanager vulnerability
Serge Hallyn discovered that cgmanager did not consistently enforce proper nesting when modifying cgroup properties. A local attacker in a privileged container could use this to set cgroup values for all cgroups...
USN-2451-1 cgmanager vulnerability
Serge Hallyn discovered that cgmanager did not consistently enforce proper nesting when modifying cgroup properties. A local attacker in a privileged container could use this to set cgroup values for all cgroups...
[SECURITY] Fedora 20 Update: nodejs-qs-0.6.6-3.fc20
This is a query string parser for node and the browser supporting nesting, as it was removed from 0.3.x, so this library provides the previous and commonly desired behavior and twice as fast. Used by express, connect and others...
Qualcomm Eudora 6.0.3 MIME Message Nesting Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10137/info It has been reported that Eudora is prone to a denial of service vulnerability when handling e-mail containing excessive MIME nesting. The problem is known to occur when the application attempts to decode the...
Apple QuickTime dref Atom Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Debian: Security Advisory (DSA-2536-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Opera Browser 10/11/12 - 'SVG Layout' Memory Corruption (Metasploit)
Exploit for Opera Browser 10/11/12 SVG layout Memory Corruption 0day Vulnerability: Discovered: 2010-10-13 Patched: 0day Tested on: v10.xx v10.50, v10.51, v10.52, v10.53, v10.54, v10.6, v10.61, v10.62 and v10.63 v11.xx v11.00, v11.01, v11.10, v11.11, v11.50 and v11.51 Exploit: Coded: 2010-10-14...
PT-2026-26286
Name of the Vulnerable Software and Affected Versions XML::Parser versions through 2.47 Description The software contains a heap buffer overflow in the st serial stack function. This occurs when parsing XML files with deeply nested elements. Specifically, when stackptr equals stacksize - 1, the...
mozilla -- "Wrapped" javascript: urls bypass security checks
A Mozilla Foundation Security Advisory reports: Some security checks intended to prevent script injection were incorrect and could be bypassed by wrapping a javascript: url in the view-source: pseudo-protocol. Michael Krax demonstrated that a variant of his favicon exploit could still execute...
security flaw
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...
security flaw
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...
CVE-2005-1043
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...
Qualcomm Eudora 6.0.3 - MIME Message Nesting Denial of Service
Qualcomm Eudora 6.0.3 - MIME Message Nesting Denial of Service source: https://www.securityfocus.com/bid/10137/info It has been reported that Eudora is prone to a denial of service vulnerability when handling e-mail containing excessive MIME nesting. The problem is known to occur when the...
Qualcomm Eudora 6.0.3 - MIME Message Nesting Denial of Service
source: https://www.securityfocus.com/bid/10137/info It has been reported that Eudora is prone to a denial of service vulnerability when handling e-mail containing excessive MIME nesting. The problem is known to occur when the application attempts to decode the deeply nested message. Successful...
Unguarded calls to __toString() when nesting an object into an array
More info at https://symfony.com/blog/cve-2024-51754-unguarded-calls-to-tostring-in-a-sandbox-when-an-object-is-in-an-array-or-an-argument-list...