6689 matches found
PT-2017-3905 · Faad2 +1 · Faad2 +1
Name of the Vulnerable Software and Affected Versions: FAAD2 version 2.7 Description: The issue is related to the mp4ff parse tag function, which can lead to a denial of service due to an infinite loop and CPU consumption when processing a crafted mp4 file. This allows remote attackers to exploit...
DEBIAN-CVE-2016-7837
Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parseline function used in some userland utilities...
UBUNTU-CVE-2016-7837
Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parseline function used in some userland utilities...
EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2017-1098)
According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to...
DEBIAN-CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
UBUNTU-CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
Code injection
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
CVE-2015-8326
The CVE-2015-8326 issue affects the IPTables-Parse Perl module (before 1.6). A local attacker can exploit insecure temporary file creation to write to arbitrary files owned by the current user via the module’s file handling. Root cause: predictable/unsafe temporary file handling enabling a symbol...
CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2017-629)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.10 - OpenJDK 7u141 bsc1034849 - Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-351...
DEBIAN-CVE-2017-9228
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...
Local heap buffer overflow vulnerability in libplist 'parse_unicode_node()' function
libimobiledevice is a software protocol library and tool that allows Linux to support connectivity to iOS devices such as the iPhone, iPodTouch, etc. libplist is one of the libraries that handles the Apple Property List format in binary or XML format. A local heap buffer overflow vulnerability...
UBUNTU-CVE-2017-9228
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...
ALPINE-CVE-2017-9209
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...
UBUNTU-CVE-2017-9209
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...