Samba: Multiple vulnerabilities
Background Samba is a suite of SMB and CIFS client/server programs. Description Multiple vulnerabilities have been discovered in samba. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with root privileges, cause a Deni...
Xerces-C++: Multiple vulnerabilities
Background Xerces-C++ is a validating XML parser written in a portable subset of C++. Description Multiple vulnerabilities have been discovered in Xerces-C++. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially crafte...
Node.js: Multiple vulnerabilities
Background Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Description Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a Denial of Service condition, or...
WebKitGTK+: Multiple vulnerabilities
Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. It offers WebKit’s full functionality and is useful in a wide range of systems from desktop...
Botan: Multiple vulnerabilities
Background Botan (Japanese for peony) is a cryptography library written in C++11. Description Multiple vulnerabilities have been discovered in Botan. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of...
Pixman: Buffer overflow
Background Pixman is a pixel manipulation library. Description In pixman-general, careless computations done with the ‘dest_buffer’ pointer may overflow, failing the buffer upper limit check. Impact A remote attacker could possibly cause a Denial of Service condition, or execute arbitrary code wit...
GPL Ghostscript: User-assisted execution of arbitrary code
Background Ghostscript is an interpreter for the PostScript language and for PDF. Description An integer overflow flaw was discovered that leads to an out-of-bounds read and write in gs_ttf.ps. Impact A remote attacker could entice a user to open a specially crafted file, possibly resulting in the...
Bash: Arbitrary code execution
Background Bash is the standard GNU Bourne Again SHell. Description A vulnerability was found in the way Bash expands $HOSTNAME. Injecting malicious code into $HOSTNAME could cause it to run each time Bash expands \h in the prompt string. Impact A remote attacker controlling the system’s hostname...
Zabbix: Multiple vulnerabilities
Background Zabbix is software for monitoring applications, networks, and servers. Description Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges...
XStream: Remote execution of arbitrary code
Background XStream is a simple library to serialize objects to XML and back again. Description It was found that XStream would deserialize arbitrary user-supplied XML content, thus representing objects of any type. Impact A remote attacker could pass a specially crafted XML document to XStream,...
TigerVNC: Integer overflow
Background TigerVNC is a high-performance VNC server/client. Description TigerVNC is impacted by the same vulnerability as found in CVE-2014-6051. An integer overflow, leading to a heap-based buffer overflow, was found in the way screen sizes were handled. Impact A remote attacker, utilizing a...
elfutils: Heap-based buffer overflow
Background Elfutils provides a library and utilities to access, modify and analyse ELF objects. Description An integer overflow, in the check_section function of dwarf_begin_elf.c, in the libdw library can lead to a heap-based buffer overflow. Impact A remote attacker could entice a user to open a...
systemd: Multiple vulnerabilities
Background A system and service manager. Description Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service...
SQUASHFS: Multiple vulnerabilities
Background Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use (i.e. in cases where a .tar.gz file may be used), and in constrained block device/memory systems (e.g. embedded systems) where low overhead is needed...
exFAT: Multiple vulnerabilities
Background A full-featured exFAT file system implementation for Unix-like systems. Description Two vulnerabilities were found in exFAT. A malformed input can cause a write heap overflow or cause an endless loop. Impact Remote attackers could execute arbitrary code or cause Denial of Service...
Docker: Privilege escalation
Background Docker is the world’s leading software containerization platform. Description Docker does not properly distinguish between numeric UIDs and string usernames. Impact Local attackers could possibly escalate their privileges. Workaround There is no known workaround at this time. Resolutio...
libmms: Remote execution of arbitrary code
Background libmms is a library for downloading streaming media files using the mmst and mmsh protocols. Description A heap-based buffer overflow was discovered in the get_answer function within mmsh.c of libmms. Impact A remote attacker might send a specially crafted MMS over HTTP (MMSH) response,...
SoX: User-assisted execution of arbitrary code
Background SoX is a command line utility that can convert various formats of computer audio files into other formats. Description A heap-based buffer overflow can be triggered when processing a malicious NIST Sphere or WAV audio file. Impact A remote attacker could coerce the victim to run SoX...
VirtualBox: Multiple vulnerabilities
Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact Local attackers could cause a Denial of Service condition, execute arbitrary code...
socat: Multiple vulnerabilities
Background socat is a multipurpose bidirectional relay, similar to netcat. Description Multiple vulnerabilities have been discovered in socat. Please review the references below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or obta...
CrackLib: Buffer overflow
Background CrackLib is a library used to enforce strong passwords by comparing user selected passwords to words in chosen word lists. Description A stack-based buffer overflow was discovered in the FascistGecosUser function of lib/fascist.c. Impact A local attacker could set a specially crafted...
SQLite: Multiple vulnerabilities
Background SQLite is a C library that implements an SQL database engine. Description Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...
Coreutils: Arbitrary code execution
Background The GNU Core Utilities are the basic file, shell and text manipulation utilities of the GNU operating system. Description A memory corruption flaw in GNU Coreutils’ parse_datetime function was reported. Applications using parse_datetime, such as touch or date, may accept untrusted inpu...
OpenJPEG: Multiple vulnerabilities
Background OpenJPEG is an open-source JPEG 2000 library. Description Multiple vulnerabilities have been discovered in OpenJPEG. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted JPEG file, possibly resulting in...
jq: Buffer overflow
Background jq is a lightweight and flexible command-line JSON processor. Description An off-by-one error was discovered in the token_add function in jv_parse.c which triggers a heap-based buffer overflow. Impact A remote attacker could trick a victim into processing a specially crafted JSON file,...
Binutils: Multiple vulnerabilities
Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review the CVE identifiers...
OpenSSL: Multiple vulnerabilities
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the...
PECL HTTP: Remote execution of arbitrary code
Background This HTTP extension aims to provide a convenient and powerful set of functionality for one of PHP’s major applications. Description A buffer overflow can be triggered in the URL parsing functions of the PECL HTTP extension. This allows overflowing a buffer with data originating from an...
OpenSSH: Multiple vulnerabilities
Background OpenSSH is a complete SSH protocol implementation that includes SFTP client and server support. Description Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause Denial of Service an...
Mercurial: Multiple vulnerabilities
Background Mercurial is a distributed source control management system. Description Multiple vulnerabilities have been discovered in Mercurial. Please review the CVE identifier and bug reports referenced for details. Impact A remote attacker could possibly execute arbitrary code with the privileg...
ARJ: Multiple vulnerabilities
Background Open-source implementation of the ARJ archiver. Description Multiple vulnerabilities have been discovered in ARJ. Please review the CVE identifiers referenced below for details. Impact An attacker, using a specially crafted ARJ archive, could possibly execute arbitrary code with the...
util-linux: Arbitrary code execution
Background util-linux is a suite of Linux programs including mount and umount, programs used to mount and unmount filesystems. Description A command injection flaw was discovered in util-linux’s “blkid” utility. It uses caching files /dev/.blkid.tab or /run/blkid/blkid.tab to store info about the...
Patch: Denial of service
Background Patch takes a patch file containing a difference listing produced by the diff program and applies those differences to one or more original files, producing patched versions. Description Due to a flaw in Patch, the application can enter an infinite loop when processing a specially...
Chromium: Multiple vulnerabilities
Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details...
nghttp2: Denial of service
Background Nghttp2 is an implementation of HTTP/2 and its header compression algorithm HPACK in C. Description Nghttpd, nghttp, and libnghttp2_asio applications do not limit the memory usage for the incoming HTTP header field. If a peer sends a specially crafted HTTP/2 HEADERS frame and CONTINUATI...
GD: Multiple vulnerabilities
Background GD is a graphic library for fast image creation. Description Multiple vulnerabilities have been discovered in GD. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause ...
dpkg: Arbitrary code execution
Background Debian package management system. Description Gentoo Linux developer, Hanno Böck, discovered an off-by-one error in the dpkg-deb component of dpkg, the Debian package management system, which triggers a stack-based buffer overflow. Impact An attacker could potentially execute arbitrary...
Pygments: Arbitrary code execution
Background Pygments is a generic syntax highlighter suitable for use in code hosting, forums, wikis or other applications that need to prettify source code. Description A vulnerability in FontManager’s _get_nix_font_path function allows shell metacharacters to be passed in a font name. Impact A remot...
LinuxCIFS utils: Buffer overflow
Background The LinuxCIFS utils are a collection of tools for managing Linux CIFS Client Filesystems. Description A stack-based buffer overflow was discovered in cifskey.c or cifscreds.c in LinuxCIFS, as used in “pam_cifscreds.” Impact A remote attacker could exploit this vulnerability to cause an...
BusyBox: Multiple vulnerabilities
Background BusyBox is a set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code wi...
libvirt: Directory traversal
Background libvirt is a C toolkit for manipulating virtual machines. Description Normally, only privileged users can coerce libvirt into creating or opening existing files using the virStorageVol APIs; and such users already have full privilege to create any domain XML. But in the case of...
nghttp2: Heap-use-after-free
Background Nghttp2 is an implementation of HTTP/2 and its header compression algorithm HPACK in C. Description A heap-use-after-free vulnerability has been discovered in nghttp2. Please review the CVE identifier referenced below for details. Impact The impact of the vulnerability is still unknown...
libsndfile: Multiple vulnerabilities
Background libsndfile is a C library for reading and writing files containing sampled sound. Description Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially...
GnuPG: RNG output is predictable
Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. Description A long-standing bug (since 1998) in Libgcrypt (see “GLSA 201610-04” below) and GnuPG allows an attacker to predict the output from the standard RNG. Please review the “Entropy Loss...
DavFS2: Local privilege escalation
Background DavFS2 is a file system driver that allows you to mount a WebDAV server as a local disk drive. Description DavFS2 installs “/usr/sbin/mount.davfs” as setuid root. This utility uses “system” to call “/sbin/modprobe”. While the call to “modprobe” itself cannot be manipulated, a local...
PHP: Multiple vulnerabilities
Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact An attacker can...
ImageMagick: Multiple vulnerabilities
Background ImageMagick is a collection of tools and libraries for many image formats. Description Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the...
Poppler: Multiple vulnerabilities
Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF using...
Tar: Extract pathname bypass
Background The Tar program provides the ability to create and manipulate tar archives. Description Tar attempts to avoid path traversal attacks by removing offending parts of the element name at extract. This sanitizing leads to a vulnerability where the attacker can bypass the path names specifi...
TestDisk: User-assisted execution of arbitrary code
Background TestDisk is powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software: certain types of viruses or human error such as accidentally deleting a Partition...