CVE-2015-3281 – haproxy: information leak in buffer_slow_realign()
https://notcve.org/view.php?id=CVE-2015-3281
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
An implementation error related to the memory management of requests and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session.
• http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4
• http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html
• http://rhn.redhat.com/errata/RHSA-2015-1741.html
• http://rhn.redhat.com/errata/RHSA-2015-2666.html
• http://www.debian.org/security/2015/dsa-3301
• http://www.haproxy.org/news.html
• http://www.securityfocus.com/bid/75554
• http://www.ubuntu.com&
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-0848 – libwmf: heap overflow when decoding BMP images
https://notcve.org/view.php?id=CVE-2015-0848
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
It was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) containing BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application.
• http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168507.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165547.html
• http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html
• http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html
• http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html
• http://rhn.redhat.com/errata/RHSA-2015-1917.html
• http://www
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-122: Heap-based Buffer Overflow
CVE-2015-4588 – libwmf: heap overflow within the RLE decoding of embedded BMP images
https://notcve.org/view.php?id=CVE-2015-4588
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
It was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application.
• http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html
• http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html
• http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html
• http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html
• http://rhn.redhat.com/errata/RHSA-2015-1917.html
• http://www.debian.org/security/2015/dsa-3302
• http://www.openwall.com/lists/oss-security/2015/06/03/6
• http://www.openwall.com/lists/oss-security/2015/06/16&
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-122: Heap-based Buffer Overflow
CVE-2015-3164
https://notcve.org/view.php?id=CVE-2015-3164
The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
• http://lists.freedesktop.org/archives/wayland-devel/2015-June/022548.html
• http://lists.opensuse.org/opensuse-updates/2015-06/msg00044.html
• http://www.securityfocus.com/bid/75535
• https://security.gentoo.org/glsa/201701-64
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2015-2141
https://notcve.org/view.php?id=CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack.
• http://lists.opensuse.org/opensuse-updates/2015-07/msg00047.html
• http://sourceforge.net/p/cryptopp/code/542
• http://www.debian.org/security/2015/dsa-3296
• http://www.securityfocus.com/bid/75467
• https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor