6585 matches found
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 35 security fixes, including: 1210985 High CVE-2021-30565: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-19 1202661 High CVE-2021-30566: Stack buffer overflow in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab o...
MySQL -- Multiple vulnerabilities
Oracle reports: This Critical Patch Update contains 48 new security patches for Oracle MySQL. The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle MySQL is 8. NOTE: MariaDB only contains CVE-2020-14812 CVE-2020-14765 CVE-2020-14776 and CVE-2020-14789...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 5 security fixes: 1116304 High CVE-2020-6573: Use after free in video. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-08-14 1102196 High CVE-2020-6574: Insufficient policy enforcement in installer. Reported by...
puppetdb -- Multiple vulnerabilities
Puppetlabs reports: In June 2020, jackson-databind published security updates addressing several CVEs. Previous releases of PuppetDB contain a vulnerable version of jackson.core:jackson-databind. PuppetDB 5.2.18 contains an updated version of jackson-databind that has patched the vulnerabilities...
several security issues in sqlite3
sqlite3 update: Various security issues could be used by an attacker to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-functi...
OpenSMTPd -- LPE and RCE in OpenSMTPD's default install
Qualys reports:...
MySQL -- Multiple vulerabilities
Oracle reports: This Critical Patch Update contains 45 new security fixes for Oracle MySQL. 4 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials...
Flash Player -- information disclosure
Adobe reports: This update resolves an out-of-bounds vulnerability that could lead to information disclosure CVE-2019-7090...
Gitlab -- Multiple vulnerabilities
Gitlab reports: Remote Command Execution via GitLab Pages Covert Redirect to Steal GitHub/Bitbucket Tokens Remote Mirror Branches Leaked by Git Transfer Refs Denial of Service with Markdown Guests Can View List of Group Merge Requests Guest Can View Merge Request Titles via System Notes Persisten...
chromium -- Stack overflow in V8
Google Chrome Releases reports: 2 security fixes in this release, including: 770452 High CVE-2017-15396: Stack overflow in V8. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-09-30 770450 Medium CVE-2017-15406: Stack overflow in V8. Reported by Yuan Deng of Ant-financial...
wordpress -- multiple issues
wordpress developers report: Before version 4.8.2, WordPress was susceptible to a Cross-Site Scripting attack in the link modal via a javascript: or data: URL. Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name. Before versi...
FreeBSD -- OpenSSH Denial of Service vulnerability
Problem Description: There is no limit on the password length. Impact: A remote attacker may be able to cause an affected SSH server to use excessive amount of CPU by sending very long passwords, when PasswordAuthentication is enabled by the system administrator...
BIND -- multiple vulnerabilities
ISC reports: A malformed query response received by a recursive server in response to a query of RTYPE ANY could trigger an assertion failure while named is attempting to add the RRs in the query response to the cache. Depending on the type of query and the EDNS options in the query they receive,...
sudo -- Potential bypass of sudo_noexec.so via wordexp()
Todd C. Miller reports: A flaw exists in sudo's noexec functionality that may allow a user with sudo privileges to run additional commands even when the NOEXEC tag has been applied to a command that uses the wordexp function...
expat -- multiple vulnerabilities
Sebastian Pipping reports: CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 issue 496 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876...
LibreSSL -- Memory leak and buffer overflow
Qualys reports: During the code review of OpenSMTPD a memory leak and buffer overflow an off-by-one, usually stack-based were discovered in LibreSSL's OBJobj2txt function. This function is called automatically during a TLS handshake both client-side, unless an anonymous mode is used, and...
bash -- remote code execution
Note that this is different than the public "Shellshock" issue. Specially crafted environment variables could lead to remote arbitrary code execution. This was fixed in bash 4.3.27, however the port was patched with a mitigation in 4.3.252...
mozilla -- multiple vulnerabilities
The Mozilla Foundation reports of multiple security issues in Firefox, Seamonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. MFSA 2008-19 XUL popup spoofing variant cross-tab popups MFSA 2008-18 Java sock...
lighttpd -- FastCGI header overrun in mod_fastcgi
lighttpd maintainer reports: Lighttpd is prone to a header overflow when using the modfastcgi extension, this can lead to arbitrary code execution in the fastcgi application. For a detailed description of the bug see the external reference. This bug was found by Mattias Bengtsson and Philip Olaus...
cups-base -- HPGL buffer overflow vulnerability
Ariel Berkman has discovered a buffer overflow vulnerability in CUPS's HPGL input driver. This vulnerability could be exploited to execute arbitrary code with the permission of the CUPS server by printing a specially crated HPGL file...
libwmf -- multiple vulnerabilities
Mitre reports: Multiple buffer overflows in the gd graphics library libgd 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than...
curl -- OCSP verification bypass with TLS session reuse
Hiroki Kurosawa reports: curl inadvertently kept the SSL session ID for connections in its cache even when the verify status OCSP stapling test failed. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 14 security fixes, including: 1335458 Critical CVE-2022-2156: Use after free in Base. Reported by Mark Brand of Google Project Zero on 2022-06-11 1327312 High CVE-2022-2157: Use after free in Interest groups. Reported by Nan Wang@eternalsakura13 and...
OpenSSL -- BN_mod_exp incorrect results on MIPS
The OpenSSL project reports: BNmodexp may produce incorrect results on MIPS Moderate There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the...
MySQL -- Multiple vulnerabilities
Oracle reports: This Critical Patch Update contains 78 new security patches for Oracle MySQL. 3 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. The highest CVSS v3.1 Base Score of vulnerabilitie...
MySQL -- Multiple vulnerabilities
Oracle reports: This Critical Patch Update contains 66 new security patches for Oracle MySQL. 8 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. The highest CVSS v3.1 Base Score of vulnerabilitie...
ruby -- XML round-trip vulnerability in REXML
Juho Nurminen reports: When parsing and serializing a crafted XML document, REXML gem including the one bundled with Ruby can create a wrong XML document whose structure is different from the original one. The impact of this issue highly depends on context, but it may lead to a vulnerability in...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release includes 47 security fixes, including the below. Google is aware of reports that an exploit for CVE-2021-21166 exists in the wild. Please see URL for details...
spamassassin -- Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings
the Apache Spamassassin project reports: nefarious rule configuration .cf files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings...
MariaDB -- Vulnerability in C API
MariaDB reports: Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: GitHub Integration SSRF Trigger Token Impersonation Build Status Disclosure SSRF Mitigation Bypass Information Disclosure New Issue ID IDOR Label Name Enumeration Persistent XSS Wiki Pages User Revokation Bypass with Mattermost Integration Arbitrary File Upload via Import Project...
phpMyAdmin -- CSRF vulnerability in login form
The phpMyAdmin development team reports: Summary CSRF vulnerability in login form Description A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the victim's phpMyAdmi...
Flash Player -- arbitrary code execution
Adobe reports: This update resolves a use-after-free vulnerability that could lead to arbitrary code execution CVE-2019-7837...
samba -- multiple vulnerabilities
The samba project reports: The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the requested target client principal Authenticated users with write permission can trigger a symlink traversal to writ...
PostgreSQL -- Memory disclosure in partition routing
The PostgreSQL project reports: Prior to this release, a user running PostgreSQL 11 can read arbitrary bytes of server memory by executing a purpose-crafted INSERT statement to a partitioned table...
webkit2-gtk3 -- Multiple vulnerabilities
The WebKitGTK project reports many vulnerabilities, including several arbitrary code execution vulnerabilities...
MySQL -- multiple vulnerabilities
Oracle reports: Please reference CVE/URL list for details Not all listed CVE's are present in all versions/flavors...
ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet
Network Time Foundation reports: A crafted malicious authenticated mode 6 ntpq packet from a permitted network address can trigger a NULL pointer dereference, crashing ntpd. Note that for this attack to work, the sending system must be on an address that the target's ntpd accepts mode 6 packets...
FreeBSD -- OpenSSL multiple vulnerabilities
Problem Description: If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer overread. CVE-2017-3735 There is a carry propagating bug in the x8664 Montgomery squaring procedure. This only affects processors that support the BMI1, BMI2 and ADX extensio...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: Please reference CVE/URL list for details...
php -- multiple vulnerabilities
PHP reports: Phar: Fixed bug 69720 Null pointer dereference in phargetfpoffset. Fixed bug 70433 Uninitialized pointer in pharmakedirstream when zip entry filename is "/"...
Several vulnerabilities found in PHP
The PHP project reports: The PHP development team announces the immediate availability of PHP 5.4.40. 14 security-related bugs were fixed in this release, including CVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352. All PHP 5.4 users are encouraged to upgrade to this version. The PHP...
drupal7 -- SQL injection
Drupal Security Team reports: Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution...
apache22 -- several vulnerabilities
Apache HTTP SERVER PROJECT reports: moddeflate: The DEFLATE input filter inflates request bodies now limits the length and compression ratio of inflated request bodies to avoid denial of service via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA 2014-15 Miscellaneous memory safety hazards rv:28.0 / rv:24.4 MFSA 2014-16 Files extracted during updates are not always read only MFSA 2014-17 Out of bounds read during WAV file decoding MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key MFSA...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA 2013-63 Miscellaneous memory safety hazards rv:23.0 / rv:17.0.8 MFSA 2013-64 Use after free mutating DOM during SetBody MFSA 2013-65 Buffer underflow when generating CRMF requests MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater MFS...
wordpress -- multiple vulnerabilities
Wordpress reports: WordPress 3.5.1 also addresses the following security issues: A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress...
wireshark -- denial of service in DRDA dissector
RedHat security team reports: A denial of service flaw was found in the way Distributed Relational Database Architecture DRDA dissector of Wireshark, a network traffic analyzer, performed processing of certain DRDA packet capture files. A remote attacker could create a specially-crafted capture...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA 2012-42 Miscellaneous memory safety hazards rv:14.0/ rv:10.0.6 MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop MFSA 2012-44 Gecko memory corruption MFSA 2012-45 Spoofing issue with location MFSA 2012-46 XSS through data: URLs MFSA 2012-47...
Dokuwiki -- cross site scripting vulnerability
Andy Webber reports: Add User appears to be vulnerable to Cross Site Request Forgery CSRF/XSRF...