JerryScript 安全漏洞

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial-of-service vulnerability in version 3.0.0, which stems from an assertion failure in /parser/js/js-parser-mem.c. An attacker could use this vulnerability to launch a denial of service...

USN-5212-2 apache2 vulnerabilities

USN-5212-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. A remote attacker could use thi...

Debian DSA-4814-1 : xerces-c - security update

It was discovered that xerces-c, a validating XML parser library for C++, did not correctly scan DTDs. The use-after-free vulnerability resulting from this issue would allow a remote attacker to leverage a specially crafted XML file in order to crash the application or potentially execute arbitra...

CVE-2018-10536

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks...