Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. Date published...
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it...
IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated attacker to download files they should not have access to due to improper access controls. IBM X-Force ID: 125462. Date...
soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot...
The read_user_chunk_callback function in coderspng.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files. Date published : 2017-07-13 http://www.securityfocus.com/bid/99585 https://github.com/ImageMagick/ImageMagick/commit/8ca35831e91c3db8c6d281d09b605001003bec08
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus’ Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name...
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a ‘secure boot’ kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus...
The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to...
Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution. Date published : 2017-07-13 https://wiki.onosproject.org/display/ONOS/Security+advisories
Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets. Date published : 2017-07-13 https://wiki.onosproject.org/display/ONOS/Security+advisories
Linux foundation ONOS 1.9.0 is vulnerable to a DoS. Date published : 2017-07-13 https://wiki.onosproject.org/display/ONOS/Security+advisories
Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration Date published : 2017-07-13 https://wiki.onosproject.org/display/ONOS/Security+advisories
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function Date published : 2017-07-13 https://github.com/marcobambini/gravity/issues/133
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function. Date published : 2017-07-13 https://github.com/marcobambini/gravity/issues/131