DCMTK 3.6.0 storescp - Stack Buffer Overflow Exploit

Exploit for linux platform in category dos / poc !/usr/bin/env python -- coding: utf8 -- DCMTK storescp DICOM storage C-STORE SCP Remote Stack Buffer Overflow Vendor: OFFIS e. V. Product web page: http://www.dcmtk.org Affected version: = 3.6.0 Not affected: DCMTK-3.6.120160216 -...

DCMTK 3.6.0 storescp - Stack Buffer Overflow

DCMTK 3.6.0 storescp - Stack Buffer Overflow !/usr/bin/env python -- coding: utf8 -- DCMTK storescp DICOM storage C-STORE SCP Remote Stack Buffer Overflow Vendor: OFFIS e. V. Product web page: http://www.dcmtk.org Affected version: = 3.6.0 Not affected: DCMTK-3.6.120160216 -...

Fedora 24 : phpMyAdmin (2016-2424eeca35)

phpMyAdmin 4.6.5.1 2016-11-26 =============================== A patch-level release fixing two small issues : - an issue affecting a small number of users using $cfg'Servers'$i'hidedb' or $cfg'Servers'$i'onlydb'. - an issue affecting the create table dialog where the partition selection tool was...

openSUSE Security Update : phpMyAdmin (openSUSE-2016-1406)

This update to phpMyAdmin 4.4.15.9 fixes security issues and bugs. The following security issues were fixed : - Unsafe generation of $cfg'blowfishsecret' PMASA-2016-58 - phpMyAdmin's phpinfo functionality is removed PMASA-2016-59 - AllowRoot and allow/deny rule bypass with specially crafted...

OpenSSL 1.1.0 < 1.1.0c Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0c. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0c advisory. - There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before...

HDF5 Group libhdf5 H5T_COMPOUND Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0179 HDF5 Group libhdf5 H5TCOMPOUND Code Execution Vulnerability November 17, 2016 CVE Number CVE-2016-4333 Description HDF5 is a file format that is maintained by a non-profit organization, The HDF Group. HDF5 is designed to be used for storage and...

HDF5 Group libhdf5 Shareable Message Type Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0178 HDF5 Group libhdf5 Shareable Message Type Code Execution Vulnerability November 17, 2016 CVE Number CVE-2016-4332 Description HDF5 is a file format that is maintained by a non-profit organization, The HDF Group. HDF5 is designed to be used for storage an...

Out-of-bounds

The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and out-of-bounds read v...

CVE-2016-7914

The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and out-of-bounds read v...

CVE-2016-7914

The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and out-of-bounds read v...

Vulnerability in OpenSSL - CMS Null dereference

Applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to free certain invalid encodings...

kernel: race condition in the TLB flush logic

A flaw was discovered in the way the Linux kernel dealt with paging structures. When the kernel invalidated a paging structure that was not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. A local user coul...

Oracle GlassFish Server 2.1.1.x < 2.1.1.29 Mozilla NSS ASN.1 Structure Handling RCE (October 2016 CPU)

According to its self-reported version number, the Oracle GlassFish Server running on the remote host is 2.1.1.x prior to 2.1.1.29. It is, therefore, affected by a remote code execution vulnerability in the Mozilla Network Security Services NSS component due to improper validation of user-supplie...

CVE-2016-6682

drivers/misc/qcom/qdsp6v2/audioutils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug...

DEBIAN-CVE-2014-9895

drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug...

UBUNTU-CVE-2014-9895

drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug...

Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0151 Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4296 Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office...

CVE-2016-5417

Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver data structures...

Juniper Junos FreeBSD libc db Information Disclosure (JSA10756)

According to its self-reported version number, the remote Juniper Junos device is affected by an information disclosure vulnerability in the underlying FreeBSD operating system libc db interface due to improper initialization of memory for Berkeley DB 1.85 database structures. A local attacker ca...

The vulnerability of the Security SiteProtector System’s security protection mechanism allows a hacker to execute arbitrary SQL commands.

The vulnerability of the Security SiteProtector System security system lies in the lack of protection for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...