An ASAN build of Wireshark suffers from a static out-of-bounds read in Dissect_zcl_pwr_prof_pwrprofstatersp.
c46504b1ed8effcc2b06f36cfb31d04f213b4680ce2f8909ac7de9f1bef4cb2cAn ASAN build of Wireshark suffers from a static out-of-bounds read in Dissct_rsl_ipaccess_msg.
f4099d1b2bddefadb9cddc3b2705def91e07228bf60f72a2313f7a2c62d3dff0An ASAN build of Wireshark suffers from a stack-based buffer overflow in File_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr).
7f00bdd28648aa7186c3c6d78d878ba7e25307b82bb30b06240a0a588f3b2314An ASAN build of Wireshark suffers from SIGSEGV crash due to an invalid memory write in Memcpy.
6e71360888c5e40cef50bee48450326f65539941ae9466f46280cac97669ca6eAn ASAN build of Wireshark suffers from SIGSEGV crash due to an invalid memory read in Dissect_nbap_MACdPDU_Size.
12984bde0928780df0f97e24bb490aa288005bf3993c759473f39c1408475854An ASAN build of Wireshark suffers from a heap-based buffer overflow in Iseries_parse_packet.
967fee046bd590dd03aa5f0a80b1a516d91f665ff2e0c79a0d94eb60b3312b91An ASAN build of Wireshark suffers from a buffer overflow vulnerability in My_dgt_tbcd_unpack.
8ecbdd8d4bfcfd97d7c3b28f283d916dcd0ffb127fd6ef091ab99294c93f8bbeAn ASAN build of Wireshark suffers from a static out-of-bounds read in Ascend_seek.
0c577ca1c160314e5066fdfec71fae5f9288522335f7d8a4b806d4d55b4574d3An ASAN build of Wireshark suffers from a use-after-free vulnerability in Addresses_equal.
d6272e193ee354403c6650f07dea7825f78d0273609e79736a76705d4b66a0abAn ASAN build of Wireshark suffers from a stack-based buffer overflow in Dissect_diameter_base_framed_ipv6_prefix.
5135737694f30e1e0791dc982827d9f4756a50ba0a8e6941175132cb72288289An ASAN build of Wireshark suffers from a stack-based out-of-bounds memory read in Find_signature.
a0267c03345e80dae531ea068c21afea5c38f03424406fbeb125bf347941c375An ASAN build of Wireshark suffers from a stack-based buffer overflow in AirPDcapPacketProcess.
776d80602a61e02b68bde3dc4f7370e6997df8325700c503ec66eb08087471f2An ASAN build of Wireshark suffers from a stack-based out-of-bounds memory read.
be02ec339e5a9bf3b344898a1343d3b88a67561f81c16f8e1cb3e71cefa88292Nmap versions 7.00 and below for Windows suffer from a DLL hijacking vulnerability.
089e1861a1d4fdd2cdd69f741ed43b204fa79e9339d09bb6bf79333ae77611d2McAfee security products executable installers suffer from a DLL hijacking vulnerability.
e376234826ed6225a88e501590a6c820800acc5378cf79d77889ccc9b9a2331eHP Security Bulletin HPSBST03517 1 - Potential security vulnerabilities have been identified with HP StoreOnce Backup systems. The vulnerabilities could be exploited remotely resulting in execution of arbitrary code with elevated privileges, Cross-Site Scripting (XSS), or Cross-Site Request Forgery (CSRF). Revision 1 of this advisory.
252cc11b3da11c54717e9cb3de7907abd3d587707b485a6b1895cf5bb680f395Red Hat Security Advisory 2015-2645-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.
1eaa38879d61df7e4e738bd45846748a4a11d981895d4fcaf3f2a8c945f60674Red Hat Security Advisory 2015-2636-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.
4c9d3dc7b4a5862f13ddb25c6fe1d7ed8bae4329d542c363dd404d810e5e5967Ubuntu Security Notice 2833-1 - Andrei Vaida, Jesse Ruderman, Bob Clary, Christian Holler, Jesse Ruderman, Eric Rahm, Robert Kaiser, Harald Kirschner, and Michael Henretty discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Ronald Crane discovered three buffer overflows through code inspection. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
81135bc5bdd8472f00b9d5a64dfbc2154e0772b8ca74ea51bc9d31d70ae16f35Ubuntu Security Notice 2837-1 - It was discovered that Bind incorrectly handled responses with malformed class attributes. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service.
417bf6b6b532d194bc0832882e3ba38498d5c416ea332876cce2ca5c6fda692bUbuntu Security Notice 2836-1 - Hector Marco and Ismael Ripoll discovered that GRUB incorrectly handled the backspace key when configured to use authentication. A local attacker could use this issue to bypass GRUB password protection.
050234264d83d3de1194c373fe3ddb557f00deab498633257f5fa170c8809fb8Ubuntu Security Notice 2835-1 - Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting commands via crafted URLs.
751d787997318bd4ea218d8763654e458f3f0f604956ceb428307a70bb12bbadDebian Linux Security Advisory 3419-1 - Adam Chester discovered that missing input sanitizing in the foomatic-rip print filter might result in the execution of arbitrary commands.
94cd49771e6aa657df7398d9d487b7a66ee1706dc6c10e0081ac4fe3310b04e9Debian Linux Security Advisory 3418-1 - Several vulnerabilities have been discovered in the chromium web browser.
4fd4e36441123ebed8e78216669cae842461a07d11e5e26e0c1b6d1507ebbd17Semantic SM Short URL Script version 2.0 suffers from a remote SQL injection vulnerability.
87840506de699bcd10104cbfdf7ee0be824007e74f70ad39a04edf3cc9d05ab3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed