gaoxuyan path traversal vulnerability

gaoxuyan is a set of server software. A directory traversal vulnerability exists in gaoxuyan. An attacker can exploit this vulnerability by placing a '... /' sequence in the url to gain access to the file system...

Amazon Linux 2 : kernel (ALAS-2018-1023)

A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions delivered after a stac...

hw: cpu: speculative store bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

hw: cpu: speculative store bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

GNU Wget Cookie Injection Vulnerability

GNU Wget is a free software package for retrieving files using the most widely used Internet protocols HTTP, HTTPS, FTP and FTPS. A cookie injection vulnerability exists in the respnew function in http.c in GNU Wget before 1.19.5. An attacker can exploit this vulnerability for cookie injection vi...

Google Android has an unspecified vulnerability (CNVD-2018-09777)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA for short, and Qualcomm MDM9206 and other central processing unit CPU products from Qualcomm are used in different platforms. A security vulnerability exists in the Qualcomm...

CVE-2018-5510

On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel TMM may restart when processing a specific sequence of packets on IPv6 virtual servers...

kernel: Use-after-free in snd_seq_ioctl_create_port()

A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user to exploit a race condition and create memory corruption or possibly privilege escalation...

UBUNTU-CVE-2018-9846

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "uid" parameter in an archive.php task=mail&mbox=INBOX&action=plugin.move2archive request to perform an MX IMAP injection attack by placing an IMAP...

PT-2018-10291 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.17-rc1 Description: The issue is related to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was...

Ruby Directory Traversal Vulnerability (CNVD-2018-07639)

Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. tmpdir library is one of the libraries used to create files and directories. A directory traversal vulnerability exists in the Dir.mktmpdir method of the...

Google Android libframesequence Denial of Service Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. libframesequence is a library of GIF image tools. A denial of service vulnerability exists in the 'FrameSequencegif::FrameSequencegif' function of libframesequence in Android, whi...

Important: Red Hat Security Advisory: rh-ruby23-ruby security, bug fix, and enhancement update

An update for rh-ruby23-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

ruby: Escape sequence injection vulnerability in the Basic authentication of WEBrick

It was found that WEBrick did not sanitize all its log messages. If logs were printed in a terminal, an attacker could interact with the terminal via the use of escape sequences...

The vulnerability of the functions snd_seq_write and snd_seq_ioctl_set_client_pool (seq_clientmgr.c) in the Linux kernel sound subsystem allows a attacker to cause a service failure.

The vulnerability of the sndseqwrite and sndseqioctlsetclientpool functions in the Linux kernel’s audio subsystem is related to multiprogramming errors race conditions. Exploiting this vulnerability can allow a remote attacker to cause service failures...

FTP path trickery leads to NIL byte out of bounds write

curl can be fooled into writing a zero byte out of bounds. This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command --ftp-method singlecwd or the libcurl alternative CURLOPTFTPFILEMETHOD. curl then URL-decodes the given path, calls strlen o...

DEBIAN-CVE-2018-7752

GPAC through 0.7.1 has a Buffer Overflow in the gfmediaavcreadsps function in mediatools/avparsers.c, a different vulnerability than CVE-2018-1000100...

[ASA-201803-1] busybox: arbitrary code execution

Arch Linux Security Advisory ASA-201803-1 ========================================= Severity: High Date : 2018-03-01 CVE-ID : CVE-2017-16544 Package : busybox Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-512 Summary ======= The package busybox before versi...

[ASA-201803-2] mkinitcpio-busybox: arbitrary code execution

Arch Linux Security Advisory ASA-201803-2 ========================================= Severity: High Date : 2018-03-01 CVE-ID : CVE-2017-16544 Package : mkinitcpio-busybox Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-514 Summary ======= The package...

RHEL 7 : ruby (RHSA-2018:0378)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0378 advisory. - ruby: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-0898 - rubygems: Escape sequence in the summary field of gemspec...