Lucene search
1833 matches found

Tenable Nessus
added 2016/12/21 12:0 a.m., 53 views

openSUSE Security Update : zlib (openSUSE-2016-1499)

This update for zlib fixes the following issues:
- Remove incompatible declarations of 'struct internal_state' (boo#1003577)
- Avoid out-of-bounds pointer arithmetic in inftrees.c (boo#1003579, CVE-2016-9840, CVE-2016-9841)
- Avoid left-shift with negative number (boo#1003580, CVE-2016-9842)
- Avoid...

CVSS 9.8, AI score 7.2, EPSS 0.07489
Exploits: 0, References: 8
OSV
added 2016/09/20 2:15 p.m., 11 views

CVE-2015-8932

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift...

CVSS 5.5, AI score 7.3, EPSS 0.02214
Exploits: 1, References: 18
NVD
added 2016/09/20 2:15 p.m., 24 views

CVE-2015-8932

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift...

CVSS 5.5, AI score 6, EPSS 0.02214
Exploits: 1, References: 13
OSV
added 2016/09/20 2:15 p.m., 0 views

DEBIAN-CVE-2015-8932

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift...

CVSS 5.5, AI score 8.3, EPSS 0.02214
Exploits: 1, References: 1
Prion
added 2016/09/20 2:15 p.m., 23 views

Design/Logic Flaw

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift...

CVSS 4.3, AI score 6.8, EPSS 0.02214
Exploits: 1, References: 13, Affected Software: 6
Cvelist
added 2016/09/20 2:0 p.m., 26 views

CVE-2015-8932

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift...

AI score 6, EPSS 0.02214
Exploits: 1, References: 13
CVE
added 2016/09/20 2:0 p.m., 112 views

CVE-2015-8932

The CVE-2015-8932 issue affects the libarchive library, specifically the compress_bidder_init function in archive_read_support_filter_compress.c, before version 3.2.0. A crafted tar file can trigger an invalid left shift, allowing a remote attacker to cause a denial of service (crash). Public ref...

CVSS 5.5, AI score 5.8, EPSS 0.02214
Exploits: 1, References: 13, Affected Software: 1
Debian CVE
added 2016/09/20 2:0 p.m., 28 views

CVE-2015-8932

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift...

CVSS 5.5, AI score 6.3, EPSS 0.02214
Exploits: 1
RedHat Linux
added 2016/09/12 8:11 p.m., 12 views

libarchive: Undefined behavior / invalid shiftleft in TAR parser

Undefined behavior (invalid left shift) was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read...

CVSS 5.5, AI score 5.7, EPSS 0.02214
Exploits: 1, References: 4
RedHat Linux
added 2016/09/12 7:54 p.m., 12 views

libarchive: Undefined behavior / invalid shiftleft in TAR parser

Undefined behavior (invalid left shift) was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read...

CVSS 5.5, AI score 5.7, EPSS 0.02214
Exploits: 1, References: 4
BDU FSTEC
added 2016/07/06 12:0 a.m., 5 views

The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.

A one-unit shift error in the is_rtsp_request_or_reply function in the epan/dissectors/packet-rtsp.c file of the RTSP dissector in Wireshark allows malicious actors operating remotely to trigger a service failure (abrupt termination of the application’s operation) by using a specially crafted packet th...

CVSS 5, AI score 5.5, EPSS 0.03375
Exploits: 0, References: 3, Affected Software: 1
ThreatPost
added 2016/06/22 1:23 p.m., 14 views

Ransomware A Two-Year Nightmare in the Making

The scourge of ransomware over the past two years has been impressive – and not in a good way. The number of frustrated computer users locked out of their PCs is at an all-time high with no signs of the ransomware epidemic relenting. According to security experts, the last two years have seen an...

AI score 0.8
Exploits: 0, References: 1
RedhatCVE
added 2016/06/22 6:19 a.m., 35 views

CVE-2015-8932

Undefined behavior (invalid left shift) was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read...

CVSS 5.5, AI score 2.7, EPSS 0.02214
Exploits: 1, References: 1
CNVD
added 2016/06/21 12:0 a.m., 1 views

libarchive TAR Parser Unauthorized Operation Vulnerability

libarchive is a multi-format archive and compression library. A security vulnerability exists in libarchive's TAR parser. An attacker can exploit this vulnerability to perform an undefined operation, resulting in an invalid left shift...

CVSS 5.5, AI score 6.9, EPSS 0.02214
Exploits: 1, References: 1
OSV
added 2016/05/05 1:59 a.m., 1 views

DEBIAN-CVE-2000-1254

crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms...

CVSS 7.5, AI score 7.7, EPSS 0.03137
Exploits: 0, References: 1
Debian CVE
added 2016/05/05 1:0 a.m., 31 views

CVE-2000-1254

crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms...

CVSS 7.5, AI score 8.5, EPSS 0.03137
Exploits: 0
hackapp
added 2016/04/01 10:10 a.m., 15 views

Asylum Night Shift DEMO - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Asylum Night Shift DEMO published at the 'play' market has multiple vulnerabilities...

AI score 1.1
Exploits: 0, References: 1, Affected Software: 1
hackapp
added 2016/04/01 9:59 a.m., 11 views

Shift Free - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Shift Free published at the 'play' market has multiple vulnerabilities...

AI score 0.2
Exploits: 0, References: 1, Affected Software: 1
hackapp
added 2016/04/01 9:23 a.m., 14 views

Work Shift Calendar - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Work Shift Calendar published at the 'play' market has multiple vulnerabilities...

AI score 0.7
Exploits: 0, References: 1, Affected Software: 1
hackapp
added 2016/04/01 9:22 a.m., 10 views

Shift Calendar (Shift Roster) - Base64 encoded String, Corrupted files, Dynamic Code Loading vulnerabilities

HackApp vulnerability scanner discovered that application Shift Calendar (Shift Roster) published at the 'play' market has multiple vulnerabilities...

AI score 0.3
Exploits: 0, References: 1, Affected Software: 1