clamav: arbitrary code execution

Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code...

mantisbt: multiple issues

CVE-2014-9571 cross-side scripting Cross-site scripting XSS vulnerability in admin/install.php allows remote attackers to inject arbitrary web script or HTML via the 1 adminusername or 2 adminpassword parameter. - CVE-2014-9572 information disclosure It was discovered that mantisbt does not...

postgresql: multiple issues

CVE-2014-8161 information leak Some server error messages show the values of columns that violate a constraint, such as a unique constraint. If the user does not have SELECT privilege on all columns of the table, this could mean exposing values that the user should not be able to see. Adjust the...

privoxy: denial of service

CVE-2015-1380 denial of service Denial of service issue was found in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. - CVE-2015-1381 segmentation fault Multiple segmentation faults and...

patch: multiple issues

CVE-2015-1196 directory traversal A directory traversal flaw was discovered that allows remote attackers to write to arbitrary files via a symlink attack in a patch file. This could allow an attacker to overwrite arbitrary files by applying a specially crafted patch, with the privileges of the...

jasper: arbitrary code execution

CVE-2014-8157 arbitrary code execution Off-by-one error in the jpcdecprocesssot function allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow. - CVE-2014-8158 arbitrary code...

chromium: multiple issues

CVE-2014-7923 memory corruption The Regular Expressions package in International Components for Unicode ICU 52, allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via vectors related to a 1 zero-length quantifier or 2 look-behind...

flashplugin: multiple issues

CVE-2015-0311 remote code execution Unspecified vulnerability allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015. - CVE-2015-0309 remote code execution Heap-based buffer overflow allows attackers to execute arbitrary code via...

php: remote code execution

CVE-2014-9427 information leak, remote code execution A one-byte file containing only the '' character, not followed by any newline, causes php-cgi to do an out of bound read, potentially disclosing sensitive information present in memory or even triggering code execution if adjacent memory...

jre8-openjdk: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6549 arbitrary code execution Incorrect class loader permission check in ClassLoader...

jre7-openjdk-headless: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6587 privilege escalation MulticastSocket NULL pointer dereference allows local users to...

jre7-openjdk: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6585 out-of-bounds read Allows remote attackers to affect confidentiality via font parsing...

jdk7-openjdk: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6585 out-of-bounds read Allows remote attackers to affect confidentiality via font parsing...

jdk8-openjdk: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6549 arbitrary code execution Incorrect class loader permission check in ClassLoader...

jre8-openjdk-headless: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6549 arbitrary code execution Incorrect class loader permission check in ClassLoader...

polarssl: remote code execution

During the parsing of a ASN.1 sequence, a pointer in the linked list of asn1sequence is not initialized by asn1getsequenceof. In case an error occurs during parsing of the list, a situation is created where the uninitialized pointer is passed to polarsslfree. This sequence can be triggered when a...

libssh: denial of service

It was discovered that a double free vulnerability in the sshpacketkexinit function in kex.c allows remote attackers to cause a denial of service via a crafted kexinit packet...

samba: privilege elevation

Samba's Active Directory Domain Controller AD DC allows the administrator to delegate creation of user or computer accounts to specific users or groups. Samba's AD DC did not implement the additional required check on the UFSERVERTRUSTACCOUNT bit in the userAccountControl attributes. Most Samba...

tinyproxy: denial of service

It was discovered that a remote attacker is able to cause a denial of service CPU and memory consumption via 1 a large number of headers or 2 a large number of forged headers that predictably trigger hash collisions...

curl: url request injection

When libcurl sends a request to a server via a HTTP proxy, it copies the entire URL into the request and sends if off. If the given URL contains line feeds and carriage returns those will be sent along to the proxy too, which allows the program to for example send a separate HTTP request injected...

thunderbird: multiple issues

CVE-2014-8634 arbitrary remote code execution Christian Holler and Patrick McManus reported memory safety problems and crashes that affect Firefox ESR 31.3 and Firefox 34. - CVE-2014-8635 arbitrary remote code execution Christoph Diehl, Christian Holler, Gary Kwong, Jesse Ruderman, Byron Campen,...

firefox: multiple issues

CVE-2014-8634 arbitrary remote code execution Christian Holler and Patrick McManus reported memory safety problems and crashes that affect Firefox ESR 31.3 and Firefox 34. - CVE-2014-8635 arbitrary remote code execution Christoph Diehl, Christian Holler, Gary Kwong, Jesse Ruderman, Byron Campen,...

cpio: heap buffer overflow

A heap-based buffer overflow flaw was reported in cpio's listfile function. Attempting to extract a malicious cpio archive could cause cpio to crash or, potentially, execute arbitrary code. As noted in the original report, this issue could be trigger via other utilities, such as when running "les...

libevent: heap overflow

A defect in the libevent evbuffer API could possibly leave some programs that use the evbuffer API open to potential heap overflows. A program using the evbufferadd, evbufferprepend, evbufferexpand, exbufferreservespace, or evbufferread functions may be vulnerable if an attacker is able to coax t...

unzip: arbitrary code execution

CVE-2014-8139 heap buffer overflow A heap-based buffer overflow exists in the CRC32 verification that allows attackers to potentially execute arbitrary code or cause a denial of service memory corruption. - CVE-2014-8140 out-of-bounds read/write Out-of-bounds access both read and write issues...

openssl: multiple issues

CVE-2014-3571 denial of service A remote attacker is able to cause a denial of service NULL pointer dereference and application crash via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1getrecord...

imagemagick: multiple issues

Numerous vulnerabilities, including but not limited to buffer overflow, out-of-bound read, double-free and user-after-free have been fixed in imagemagick 6.9.0.2 and 6.9.0.3...

ntp: multiple issues

Keys explicitly generated by "ntp-keygen -M" should be regenerated. - CVE-2014-9293 weak key generation ntpd generated a weak key for its internal use, with full administrative privileges. Attackers could use this key to reconfigure ntpd or to exploit other vulnerabilities. - CVE-2014-9294 weak k...

jasper: arbitrary code execution

CVE-2014-8137 arbitrary code execution A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. - CVE-2014-9029 arbitrary code execution...

php: use after free

A use-after-free flaw was found in PHP unserialize. An untrusted input could cause PHP interpreter to crash or, possibly, execute arbitrary code when processed using unserialize...

glibc: arbitrary code execution

CVE-2012-3406 arbitrary code execution The vfprintf function in stdio-common/vfprintf.c in GNU C Library does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection...

subversion: denial of service

CVE-2014-3580 denial of service A NULL pointer dereference flaw was found in the way moddavsvn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash moddavsvn. - CVE-2014-8108 denial of service A NULL pointer dereference flaw was found in the way...

dokuwiki: cross-site scripting

It was discovered that dokuwiki did not sufficiently filter uploaded files. A remote attacker with upload access is able to use this flaw in order to upload SWF files leading to possible cross-site scripting...

unrtf: arbitrary code execution

CVE-2014-9274 arbitrary code execution A flaw allows remote attackers to cause a denial of service crash and possibly execute arbitrary code as demonstrated by a file containing the string "\cb-999999999". - CVE-2014-9275 arbitrary code execution A flaw allows remote attackers to cause a denial...

nss: signature forgery

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as...

python2: multiple issues

CVE-2013-1752 denial of service Multiple unbound readline flaws in python stdlib were found, which can lead to excessive memory usage if a malicious or broken server sends excessively long lines without any line breaks. - CVE-2013-1753 denial of service The XMLRPC library is vulnerable to...

docker: multiple issues

CVE-2014-9356 path traversal Path traversal attacks are possible in the processing of absolute symlinks. In checking symlinks for traversals, only relative links were considered. This allowed path traversals to exist where they should have otherwise been prevented. This was exploitable via both...

nvidia: arbitrary code execution

It was discovered that the NVIDIA graphics drivers incorrectly handled GLX indirect rendering support. An attacker able to connect to an X server, either locally or remotely, could use these issues to cause the X server to crash or execute arbitrary code resulting in possible privilege escalation...

nvidia-304xx: arbitrary code execution

It was discovered that the NVIDIA graphics drivers incorrectly handled GLX indirect rendering support. An attacker able to connect to an X server, either locally or remotely, could use these issues to cause the X server to crash or execute arbitrary code resulting in possible privilege escalation...

flashplugin: multiple issues

CVE-2014-0580 policy bypass A flaw allows remote attackers to bypass the same origin policy via unspecified vectors. - CVE-2014-0587 arbitrary code execution A flaw allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors. - CVE-2014-8443...

xorg-server: multiple issues

CVE-2014-8091 denial of service X.Org X Window System, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a crafted connection...

nvidia-340xx: arbitrary code execution

It was discovered that the NVIDIA graphics drivers incorrectly handled GLX indirect rendering support. An attacker able to connect to an X server, either locally or remotely, could use these issues to cause the X server to crash or execute arbitrary code resulting in possible privilege escalation...

powerdns-recursor: denial of service

PowerDNS, while acting as a caching nameserver, can be negatively impacted by sending queries for specially configured, hard to resolve domain names. This is the same issue as the ones found in bind ASA-201412-7 and unbound ASA-201412-8...

unbound: denial of service

The resolver can be tricked into following an endless series of delegations, this consumes a lot of resources. Resolvers fetch the content for domain names by sending queries to authority servers on the internet. One of the responses that authority servers can return is a referral response, which...

mantisbt: multiple issues

CVE-2014-9272 cross-side scripting The function "stringinserthrefs" doesn't validate the protocol, which is why one can make a link that executes arbitrary JavaScript code. - CVE-2014-9270 cross-side scripting The Projax library does not properly escape html strings. An attacker could take...

bind: denial of service

By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and...

antiword: buffer overflow

The program antiword is suffering from a buffer overflow within atPPSlist.szName that may lead to denial of service or arbitrary code execution...

graphviz: format string vulnerability

A format string vulnerability has been found in the error reporting part of the parser used by graphviz...

firefox: multiple issues

CVE-2014-1587: Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, and Max Jonas Werner reported memory safety problems and crashes that affect Firefox ESR 31.2 and Firefox 33. CVE-2014-1588: Christian Holler, Gary Kwong, Jon Coppeard, Eric Rahm, Byron Campen, Eric Rescorla, and Xidorn Quan...

openvpn: denial of service

It was discovered that an authenticated client could trigger an ASSERT in OpenVPN by sending a too-short control channel packet to the server. This could cause the OpenVPN server to crash and deny access to the VPN to other legitimate users...