A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box. Date published : 2017-06-26 http://www.securityfocus.com/bid/99281...
In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack. Date published : 2017-06-26 http://www.securityfocus.com/bid/99304 http://bugzilla.maptools.org/show_bug.cgi?id=2707
In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack. Date published : 2017-06-26 http://www.securityfocus.com/bid/99300 http://www.debian.org/security/2017/dsa-3903
In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds...
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file. Date published : 2017-06-26 https://security.gentoo.org/glsa/202005-01 http://somevulnsofadlab.blogspot.com/2017/06/lrzipstack-buffer-overflow-in_24.html
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file. Date published : 2017-06-26 https://security.gentoo.org/glsa/202005-01 http://somevulnsofadlab.blogspot.com/2017/06/lrzipstack-buffer-overflow-in.html
Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file. Date published : 2017-06-26 http://cognito.co.nz/mwcommunity/viewtopic.php?f=1&t=3542...
The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain...
TikiFilter.php in Tiki Wiki CMS Groupware 12.x through 16.x does not properly validate the imgsize or lang parameter to prevent XSS. Date published : 2017-06-26 https://sourceforge.net/p/tikiwiki/code/62386
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories. Date published : 2017-06-26 https://pagure.io/arm-image-installer/pull-request/10
ntopng before 3.0 allows HTTP Response Splitting. Date published : 2017-06-26 https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md
The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname...
ntopng before 3.0 allows XSS because GET and POST parameters are improperly validated. Date published : 2017-06-26 https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on...