
4988 matches found

Talos
added 2017/03/09 12:0 a.m. (42 views)

R PDF LoadEncoding Code Execution Vulnerability

Summary: An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in memory corruption. An attacker can send a malicious R script to trigger this...

8.8 CVSS, 8.5 AI score, 0.00467 EPSS
Exploits: 2
OSV
added 2017/03/07 4:59 p.m. (2 views)

CVE-2016-4950

Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions...

7.5 CVSS, 5.8 AI score
Exploits: 0, References: 2
exploitpack
added 2017/03/04 12:0 a.m. (22 views)

FTPShell Client 6.53 - Remote Buffer Overflow

FTPShell Client 6.53 - Remote Buffer Overflow
Exploit Title: FTPShell Client 6.53 buffer overflow on making initial connection
Date: 2017-03-04
Exploit Author: Peter Baris
Vendor Homepage: http://www.saptech-erp.com.au
Software Link: http://www.ftpshell.com/downloadclient.htm
Version: Windows...

7.5 CVSS, 0.6 AI score, 0.80491 EPSS
Exploits: 6
Fedora
added 2017/03/02 1:22 a.m. (27 views)

[SECURITY] Fedora 25 Update: cxf-3.1.6-5.fc25

Apache CXF is an open-source services framework that aids in the development of services using front-end programming APIs, like JAX-WS and JAX-RS...

7.5 CVSS, 2.7 AI score, 0.06521 EPSS
Exploits: 0
Tenable Nessus
added 2017/02/28 12:0 a.m. (24 views)

Modicon Modbus/TCP UnityPro Programming Function Code Access

Binary data scadamodbusmodiconproject.nbin...

7.3 AI score
Exploits: 0
NVD
added 2017/02/17 7:59 a.m. (24 views)

CVE-2017-6056

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the f...

7.5 CVSS, 7.2 AI score, 0.13832 EPSS
Exploits: 5, References: 17
CVE
added 2017/02/17 7:45 a.m. (149 views)

CVE-2017-6056

Technical details for CVE-2017-6056 (affected product, root cause, impact and fixes) are not provided in the connected documents; monitor for updates.

7.5 CVSS, 7.2 AI score, 0.13832 EPSS
Exploits: 5, References: 17, Affected Software: 2
Cvelist
added 2017/02/17 7:45 a.m. (28 views)

CVE-2017-6056

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the f...

7.4 AI score, 0.13832 EPSS
Exploits: 5, References: 17
Debian CVE
added 2017/02/17 7:45 a.m. (34 views)

CVE-2017-6056

Removed by vendor...

7.5 CVSS, 7.4 AI score, 0.13832 EPSS
Exploits: 5
Debian
added 2017/02/14 11:52 a.m. (17 views)

[SECURITY] [DLA 823-1] tomcat7 security update

Package : tomcat7
Version : 7.0.28-4+deb7u10
CVE ID : not yet available
Debian Bug : 854551

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. For Debian 7 "Wheezy", these...

7.1 AI score
Exploits: 0
Tenable Nessus
added 2017/02/14 12:0 a.m. (40 views)

Debian DSA-3788-1 : tomcat8 - security update

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...

7.5 CVSS, 7.4 AI score, 0.13832 EPSS
Exploits: 5, References: 4
Tenable Nessus
added 2017/02/14 12:0 a.m. (35 views)

Debian DSA-3787-1 : tomcat7 - security update

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...

7.5 CVSS, 7.4 AI score, 0.13832 EPSS
Exploits: 5, References: 4
UbuntuCve
added 2017/02/13 12:0 a.m. (38 views)

CVE-2017-6056

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the f...

7.5 CVSS, 7.1 AI score, 0.13832 EPSS
Exploits: 5, References: 3
Mageia
added 2017/02/07 1:34 p.m. (31 views)

Updated icoutils packages fix security vulnerability

Multiple programming errors in the wrestool tool of the icoutils suite allow denial of service or the execution of arbitrary code if a malformed binary is parsed (CVE-2017-5208, CVE-2017-5331, CVE-2017-5332, CVE-2017-5333)...

8.8 CVSS, 5.8 AI score, 0.00683 EPSS
Exploits: 0, References: 4
OSV
added 2017/02/01 10:59 p.m. (3 views)

CVE-2016-6068

IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties...

7.5 CVSS, 5.8 AI score, 0.00262 EPSS
Exploits: 0, References: 2
myhack58
added 2017/01/25 12:0 a.m. (35 views)

Shellcode programming: resolving API addresses in memory

For all position-independent code (PIC) on Windows, a core feature is resolving API function addresses at run time. It is a very important task. Here I introduce two popular methods, using the import address table (IAT) and the export address table (EAT), which are by far the most stable...

0.6 AI score
Exploits: 0
Japan Vulnerability Notes
added 2017/01/24 12:0 a.m. (22 views)

JVN#50197114: smalruby-editor vulnerable to OS command injection

smalruby-editor provided by Ruby Programming Shounendan is a web-based editor to create Ruby programs. smalruby-editor contains an OS command injection vulnerability (CWE-78). Impact: A remote attacker may execute an arbitrary OS command on the server where smalruby-editor resides. Solution: Update the...

10 CVSS, 9.8 AI score, 0.04665 EPSS
Exploits: 0
Fedora
added 2017/01/19 5:56 a.m. (18 views)

[SECURITY] Fedora 25 Update: chicken-4.11.0-3.fc25

CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions...

9.8 CVSS, 2.1 AI score, 0.00547 EPSS
Exploits: 0
OpenVAS
added 2017/01/13 12:0 a.m. (15 views)

Debian: Security Advisory (DSA-3765-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 8.3 AI score, 0.00205 EPSS
Exploits: 0, References: 3
Fedora
added 2017/01/12 6:49 a.m. (27 views)

[SECURITY] Fedora 24 Update: compat-guile18-1.8.8-14.fc24

GUILE (GNU's Ubiquitous Intelligent Language for Extension) is a library implementation of the Scheme programming language, written in C. GUILE provides a machine-independent execution platform that can be linked in as a library during the building of extensible programs. Install the compat-guile18...

5.3 CVSS, 2.3 AI score, 0.00135 EPSS
Exploits: 0