3816 matches found
Tikiwiki: Arbitrary command execution
Background Tikiwiki is a web-based groupware and content management system, developed with PHP, ADOdb and Smarty. Description A vulnerability in jhot.php allows for an unrestricted file upload to the img/wiki/ directory. Additionally, an XSS exists in the highlight parameter of...
MySQL: SQL Injection
Background MySQL is a popular multi-threaded, multi-user SQL server. Description MySQL is vulnerable to an injection flaw in mysqlrealescape when used with multi-byte characters. Impact Due to a flaw in the multi-byte character process, an attacker is still able to inject arbitary SQL statements...
OpenSSH, Dropbear: Insecure use of system() call
Background OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality. Dropbear is an SSH server and client designed with a small memory footprint that includes OpenSSH scp...
ClamAV: Multiple vulnerabilities
Background ClamAV is a GPL anti-virus toolkit, designed for integration with mail servers to perform attachment scanning. ClamAV also provides a command line scanner and a tool for fetching updates of the virus database. Description ClamAV has multiple security flaws: a boundary check was perform...
Apache 2.0: Denial of Service vulnerability
Background The Apache HTTP Server Project is a featureful, freely-available HTTP Web server. Description Filip Sneppe discovered that Apache improperly handles byterange requests to CGI scripts. Impact A remote attacker may access vulnerable scripts in a malicious way, exhausting all RAM and swap...
libpcre: Heap integer overflow
Background libpcre is a library providing functions for Perl-compatible regular expressions. Description libpcre fails to check certain quantifier values in regular expressions for sane values. Impact An attacker could possibly exploit this vulnerability to execute arbitrary code by sending...
Kismet: Multiple vulnerabilities
Background Kismet is an 802.11 Layer 2 wireless network detector, sniffer, and intrusion detection system. Description Kismet is vulnerable to a heap overflow when handling pcap captures and to an integer underflow in the CDP protocol dissector. Impact With a specially crafted packet an attacker...
Cacti: Several vulnerabilities
Background Cacti is a complete web-based frontend to rrdtool. Description Cacti fails to properly sanitize input which can lead to SQL injection, authentication bypass as well as PHP file inclusion. Impact An attacker could potentially exploit the file inclusion to execute arbitrary code with the...
phpBB: Multiple vulnerabilities
Background phpBB is an Open Source bulletin board package. Description It was discovered that phpBB contains a flaw in the session handling code and a path disclosure bug. AnthraX101 discovered that phpBB allows local users to read arbitrary files, if the "Enable remote avatars" and "Enable avata...
file: Arbitrary code execution
Background file is a utility used to identify the type of a file. Description A possible stack overflow has been found in the ELF header parsing code of file. Impact An attacker may be able to create a specially crafted ELF file which, when processed with file, may allow the execution of arbitrar...
LessTif: Integer and stack overflows in libXpm
Background LessTif is a clone of OSF/Motif, which is the standard user interface toolkit available on Unix and Linux. Description Chris Evans has discovered various integer and stack overflows in libXpm, which is shipped as a part of the X Window System. LessTif, an application that includes this...
Cacti: SQL injection vulnerability
Background Cacti is a complete web-based front end to rrdtool. Description Cacti is vulnerable to a SQL injection attack where an attacker may inject SQL into the Username field. Impact An attacker could compromise the Cacti service and potentially execute programs with the permissions of the use...
PHP: Multiple security vulnerabilities
Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run inside a web server using the modphp module or the CGI version of PHP, or can run stand-alone in a CLI. Description Several security vulnerabilities were found and fixed in version 4.3...
Multiple vulnerabilities in xine
Background xine is a multimedia player allowing to play back CDs, DVDs, and VCDs and decoding multimedia files like AVI, MOV, WMV, and MP3 from local disk drives, and displays multimedia streamed over the Internet. It is available in Gentoo as a reusable library xine-lib with a standard user...
Linux kernel do_mremap local privilege escalation vulnerability
Background The Linux kernel is responsible for memory management in a working system - to allow this, processes are allowed to allocate and unallocate memory. Description The memory subsystem allows for shrinking, growing, and moving of chunks of memory along any of the allocated memory areas whi...
Node.js: Multiple Vulnerabilities
Background Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Description Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround Ther...
Xen: Multiple Vulnerabilities
Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...
MariaDB: Multiple Vulnerabilities
Background MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MariaDB. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
QtGui: Multiple Vulnerabilities
Background QtGui is a module for the Qt toolkit. Description Multiple vulnerabilities have been discovered in QtGui. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this tim...
Salt: Multiple Vulnerabilities
Background Salt is a fast, intelligent and scalable automation engine. Description Multiple vulnerabilities have been discovered in Salt. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
libksba: Remote Code Execution
Background Libksba is a X.509 and CMS PKCS7 library. Description An integer overflow in parsing ASN.1 objects could lead to a buffer overflow. Impact Crafted ASN.1 objects could trigger an integer overflow and buffer overflow to result in remote code execution. Workaround There is no known...
Pillow: Multiple Vulnerabilities
Background The friendly PIL fork. Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution...
Babel: Remote code execution
Background Babel is a collection of tools for internationalizing Python applications. Description Babel does not properly restrict which sources a locale can be loaded from. If Babel loads an attacker-controlled .dat file, arbitrary code execution can be achieved via unsafe Pickle deserialization...
Chromium, Google Chrome: Multiple vulnerabilities
Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one, fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...
c-ares: Denial of service
Background c-ares is an asynchronous resolver library. Description It was discovered that c-ares incorrectly handled certain DNS requests. Impact A remote attacker, able to trigger a DNS request for a host of their choice by an application linked against c-ares, could possibly cause a Denial of...
PHP: Denial of service
Background PHP is an open source general-purpose scripting language that is especially suited for web development. Description It was discovered that PHP did not properly handle PHAR files. Impact A remote attacker could entice a user to open a specially crafted PHAR file using PHP, possibly...
libseccomp: Privilege escalation
Background A library that provides an easy to use, platform independent, interface to the Linux Kernel’s syscall filtering mechanism. Description Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifier for details. Workaround There is no...
libsndfile: Multiple vulnerabilities
Background libsndfile is a C library for reading and writing files containing sampled sound. Description Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by enticing a user to open a specially...
Back In Time: Command injection
Background A simple backup tool for Linux, inspired by “flyback project”. Description ‘Back in Time’ did improper escaping/quoting of file paths used as arguments to the ‘notify-send’ command leading to some parts of file paths being executed as shell commands within an os.system call. Impact A...
WebKitGTK+: Multiple vulnerabilities
Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the...
X.Org Server: Multiple vulnerabilities
Background The X.Org project provides an open source implementation of the X Window System. Description Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details. Impact Attackers could execute arbitrary code or cause a Denial of Servi...
PCRE library: Denial of service
Background PCRE library is a set of functions that implement regular expression pattern matching using the same syntax and semantics as Perl 5. Description It was found that the compilebracketmatchingpath function in pcrejitcompile.c in PCRE library is vulnerable to an out-of-bounds read. Impact ...
mod_wsgi: Privilege escalation
Background modwsgi is an Apache2 module for running Python WSGI applications. Description modwsgi, when creating a daemon process group, does not properly handle dropping group privileges. Impact Context-dependent attackers could escalate privileges due to the improper handling of group privilege...
libmms: Remote execution of arbitrary code
Background libmms is a library for downloading streaming media files using the mmst and mmsh protocols. Description A heap-based buffer overflow was discovered in the getanswer function within mmsh.c of libmms. Impact A remote attacker might send a specially crafted MMS over HTTP MMSH response,...
libsndfile: Multiple vulnerabilities
Background libsndfile is a C library for reading and writing files containing sampled sound. Description Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially...
Exim: Arbitrary code execution
Background Exim is a message transfer agent MTA designed to be a a highly configurable, drop-in replacement for sendmail. Description Vulnerabilities have been discovered in Exim’s implementation of set-uid root and when using ‘perlstartup’. These vulnerabilities require a user account on the Exi...
CUPS: Buffer overflow
Background CUPS, the Common Unix Printing System, is a full-featured print server. Description A vulnerability has been discovered in CUPS concerning the handling of compressed raster files. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process...
Chromium: Multiple vulnerabilities
Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details...
QEMU: Multiple vulnerabilities
Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact Local users within a guest QEMU environment can execute arbitrary code within th...
GStreamer: User-assisted execution of arbitrary code
Background GStreamer is an open source multimedia framework. Description A buffer overflow vulnerability has been found in the parsing of H.264 formatted video. Impact A remote attacker could entice a user to open a specially crafted H.264 formatted video using an application linked against...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
Chromium: Multiple vulnerabilities
Background Chromium is an open-source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact A remote attacker could bypass security restrictions. Workaround There is no known workaround at...
Asterisk: Multiple vulnerabilities
Background Asterisk is an open source telephony engine and toolkit. Description Multiple unspecified vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details. Impact Unauthenticated remote attackers can cause Denial of Service or bypass...
LittleCMS: Denial of service
Background LittleCMS, or short lcms, is a color management system for working with ICC profiles. It is used by many applications including GIMP and Firefox. Description Multiple stack-based buffer overflows and a profile parser error have been found in LittleCMS. Impact A remote attacker could...
Clam AntiVirus: Denial of service
Background Clam AntiVirus is an open source GPL anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description A heap-based buffer overflow exists in the cliscanpe function in libclamav/pe.c in ClamAV. Impact A remote attacker could possibly cause a Denial of...
Squid: Multiple vulnerabilities
Background Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Description An assertion failure in processing of SSL-Bump has been found in Squid. Heap based overflow is discovered when processing SNMP requests. Impact A remote attacker could send a specially crafted...
OpenLDAP: Multiple vulnerabilities
Background OpenLDAP is an LDAP suite of application and development tools. Description Multiple vulnerabilities have been discovered in OpenLDAP. Please review the CVE identifiers referenced below for details. Impact A remote attacker might employ a specially crafted certificate to conduct...
Asterisk: Denial of service
Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers and Asterisk Project Security Advisories referenced below for details. Impact A remote attacker could possibly cause a Denia...
Opera: Multiple vulnerabilities
Background Opera is a fast web browser that is available free of charge. Description Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers and Opera Release Notes referenced below for details. Impact A remote attacker could entice a user to open a specially...
Evince: Multiple vulnerabilities
Background Evince is a document viewer for multiple document formats, including PostScript. Description Multiple vulnerabilities have been discovered in Evince. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to load a DVI file with a...