Fixed in ClickHouse Release 1.1.54388, 2018-06-28 

“remote” table function allowed arbitrary symbols in “user”, “password” and “defaultdatabase” fields which led to Cross Protocol Request Forgery Attacks...

Fixed in ClickHouse Release 1.1.54388, 2018-06-28​

"remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

The vulnerability of the microprogramming software of the Cisco TelePresence VCS device allows a intruder to trigger a service failure.

The vulnerability of Cisco TelePresence VCS’s microprogramming software stems from resource management errors. Exploiting this vulnerability allows a malicious actor to trigger service failure by sending a specially crafted SDP request with session parameters during an SIP connection...

Design/Logic Flaw

The moddavsvn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences...

CVE-2014-8298

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra L4T driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service segmentation fault...

Microsoft Windows SMBv2协商远程代码执行漏洞(MS09-050)

Bugraq ID: 36299 CVE ID：CVE-2009-3103 Microsoft windows是一款流行的操作系统。 Microsoft windows SMB2是新版windows捆绑的SMB协议实现，SRV2.SYS驱动不正确处理发送给NEGOTIATE PROTOCOL REQUEST功能的畸形SMB头字段数据，NEGOTIATE PROTOCOL REQUEST是客户端发送给SMB服务器的第一个SMB查询，用于识别SMB语言并用于之后的通信。 远程攻击者可以构建Process Id...

Microsoft Windows (including Windows 7) SMB2 array index overflow

Crash on SMB2 protocol NEGOTIATE PROTOCOL REQUEST SMB request parsing...

Windows Vista/7 SMB2.0 Negotiate Protocol Request Remote BSOD Vuln

Exploit for unknown platform in category dos / poc ================================================================== Windows Vista/7 SMB2.0 Negotiate Protocol Request Remote BSOD Vuln ================================================================== =============================================...

Microsoft Windows Vista7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death (MS07-063)

Microsoft Windows Vista7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death MS07-063 ============================================= - Release date: September 7th, 2009 - Discovered by: Laurent Gaffié - Severity: High ============================================= I. VULNERABILITY...

Out-of-bounds

Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service system crash via an & ampersand character in a Proces...

PT-2009-1117

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to a fixed version Description The issue is related to an array index error in the SMBv2 protocol implementation, allowing remote attackers to execute arbitrary code or cause a denial of service via a specially...

security flaw

Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

CVE-2006-6102

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

CVE-2006-6103

Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

CVE-2006-6103

Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

CVE-2006-6101

Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data...

DEBIAN-CVE-2006-6102

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

CVE-2006-6102

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...

DEBIAN-CVE-2003-0072

The Key Distribution Center KDC in Kerberos 5 krb5 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service crash on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array aka "array overrun"...

DEBIAN-CVE-2003-0082

The Key Distribution Center KDC in Kerberos 5 krb5 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service crash on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap aka "buffer underrun"...