cve details

Discover cve details, include the articles, news, trends, analysis and practical advice about cve details on alibabacloud.com

CURL/libcURL Denial of Service Vulnerability (CVE-2018-1000121)

CURL/libcURL Denial of Service Vulnerability (CVE-2018-1000121)CURL/libcURL Denial of Service Vulnerability (CVE-2018-1000121) Release date:Updated on:Affected Systems: Haxx curl 7.21.0-7.58.0Haxx libcURL 7.21.0-7.58.0 Description: Bugtraq id: 103415CVE (CAN) ID: CVE-2018-1000121LibcURL is a multi-protocol file transfer library.CURL/libcURL 7.21.0-7.58.0 ha

Quick Emulator (Qemu) Denial of Service (CVE-2017-18043) Vulnerability)

Quick Emulator (Qemu) Denial of Service (CVE-2017-18043) Vulnerability)Quick Emulator (Qemu) Denial of Service (CVE-2017-18043) Vulnerability) Release date:Updated on:Affected Systems: QEMU Description: Bugtraq id: 102759CVE (CAN) ID: CVE-2017-18043QEMU is an open source simulator software.Quick Emulator (Qemu) has the integer overflow vulnerability in macr

Autodesk Backburner stack buffer overflow vulnerability in CVE-2016-2344)

Autodesk Backburner stack buffer overflow vulnerability in CVE-2016-2344)Autodesk Backburner stack buffer overflow vulnerability in CVE-2016-2344) Release date:Updated on:Affected Systems: Autodesk Backburner 2016.0.0.2150 Description: CVE (CAN) ID: CVE-2016-2344Backburner is a network rendering management software.In

Apache Struts ActionServlet. java XSS Vulnerability (CVE-2016-1182)

Apache Struts ActionServlet. java XSS Vulnerability (CVE-2016-1182)Apache Struts ActionServlet. java XSS Vulnerability (CVE-2016-1182) Release date:Updated on:Affected Systems: Apache Group Struts 1 1.x-1.3.10 Description: CVE (CAN) ID: CVE-2016-1182Struts is the open source code used to build Web applications.In

The gnu c Library glob Stack Buffer Overflow Vulnerability (CVE-2016-1234)

The gnu c Library glob Stack Buffer Overflow Vulnerability (CVE-2016-1234)The gnu c Library glob Stack Buffer Overflow Vulnerability (CVE-2016-1234) Release date:Updated on:Affected Systems: Gnu c Library (glibc) Description: CVE (CAN) ID: CVE-2016-1234Glibc is the libc library released by GNU, that is, the c Ru

Gnu c Library DoS Vulnerability (CVE-2016-3075)

Gnu c Library DoS Vulnerability (CVE-2016-3075)Gnu c Library DoS Vulnerability (CVE-2016-3075) Release date:Updated on:Affected Systems: Gnu c Library (glibc) Description: CVE (CAN) ID: CVE-2016-3075Glibc is the libc library released by GNU, that is, the c Runtime Library.In versions earlier than gnu c Library (

Xen Denial of Service Vulnerability (CVE-2014-3717)

Release date:Updated on: Affected Systems:XenSource Xen 4.4.xDescription:--------------------------------------------------------------------------------CVE (CAN) ID: CVE-2014-3717Xen is an open-source Virtual Machine monitor developed by the University of Cambridge. In Xen 4.4.x, the 64-bit ARM client kernel loading address is not correctly verified. This allows local users to trigger buffer overflow throu

ShellShock: CVE-2014-6271 vulnerability and emergency repair methods

ShellShock: CVE-2014-6271 vulnerability and emergency repair methods About this vulnerabilityHello, a Linux security vulnerability was found to be more serious than "heartbleed", that is, the ShellShock: CVE-2014-6271 vulnerability, attackers can remotely execute arbitrary commands, full control of your server, A lower operating threshold than "heartbleed" makes it more risky than the former. The vulnerabil

OS: Dirty Cow (Dirty COW) Vulnerability: Linux kernel access to kill right hole (cve-2016-5195) __linux

Note that when compiling a vulnerability exploits a program: gcc-lpthread dirtyc0w.c-o dirtyc0w The actual test under Ubuntu 15.10 needs to be changed to: Gcc-pthread Dirtyc0w.c-o dirtyc0w Or GCC dirtyc0w.c-o dirtyc0w -lpthread To compile correctly. Other vulnerabilities exploit code: Https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs Http://www.tuicool.com/articles/Rjiy2maHow to Patch and Protect Linux Kernel the Zero day local privilege escalation vulnerability ... Time 2016-10-21 16:

Cacti Cross-Site Request Forgery Vulnerability (CVE-2014-2327)

Release date:Updated on: Affected Systems:Cacti 0.8.8bCacti 0.8.7fDescription:--------------------------------------------------------------------------------Bugtraq id: 66392CVE (CAN) ID: CVE-2014-2327Cacti is a database round robin (RRD) tool that helps you create images from database information. It has multiple Linux versions.Cacti 0.8.8b and earlier versions have the Cross-Site Request Forgery Vulnerability, which allows remote attackers to modif

OpenJDK Security Vulnerabilities (CVE-2014-0462)

Release date:Updated on: Affected Systems:OpenJDKDescription:--------------------------------------------------------------------------------Bugtraq id: 67508CVE (CAN) ID: CVE-2014-0462OpenJDK is a cooperation Platform for open source implementation of Java Platform, Standard Edition and related projects.On Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS platforms, OpenJDK 6 6b31 and earlier versions have security vulnerabilities. The

Adobe Reader and Acrobat Pro Privilege Escalation Vulnerability resolution (CVE-2015-5090)

Adobe Reader and Acrobat Pro Privilege Escalation Vulnerability resolution (CVE-2015-5090) 0 × 01 PrefaceCVE-2015-5090 is a bug that exists in Adobe Reader/Acrobat Pro and has been found and submitted to ZDI a few months ago. This article focuses on the details of this bug and shares several different attack methods.AdobeARMService is an Adobe update program and a system service installed on Adobe Reader/A

Uncontrolled memory mapping in Camera driver (cve-2013-2595)

/*This article is prepared by Mo Gray Ash, reproduced please indicate the source.Mo Ash Gray Email:[email protected]*/1 Vulnerability DescriptionThe vulnerability arises mainly because the camera driver provides several interfaces for user-space calls. User space can use system call functions such as IOCTL or mmap to affect the camera driver. Hackers can easily use pre-constructed parameters to map physical memory to user space and elevate permissions.2. Impact EquipmentMost of the Linux kernel

CVE-2016-1757 simple analysis

CVE-2016-1757 simple analysis 0x00 Abstract The latest 10.11.4 patch fixes a vulnerability that exploits conditional competition to Obtain Code Execution permissions. After understanding the kernel source code and poc, the vulnerability is analyzed in a simple way. 0x01 basic knowledge 1.1 exec function Process I analyzed several important functions in the exec execution process in detail in the OSX kernel load mach-o process analysis. This is a strea

Adobe Digital Editions Memory Corruption Vulnerability (CVE-2014-0494)

Release date:Updated on: Affected Systems:Adobe Digital Editions 2.0.1Description:--------------------------------------------------------------------------------Bugtraq id: 65091CVE (CAN) ID: CVE-2014-0494 Adobe Digital Editions is A software for reading and managing e-books and other Digital publications. It supports industrial standard e-books, such as PDF/A and EPUB. Adobe Digital Editions 2.0.1 and other versions have the memory corruption vulner

Google Chrome Remote Code Execution Vulnerability (CVE-2014-1705)

Release date:Updated on: Affected Systems:Google Chrome Google Chrome Description:--------------------------------------------------------------------------------Bugtraq id: 66239CVE (CAN) ID: CVE-2014-1705 Google Chrome is a Web browser tool developed by Google. Google V8 in Chrome 33.0.1750.152 for Mac/Linux and 33.0.1750.154 for Windows has a security vulnerability that allows remote attackers to exploit this vulnerability to cause memory corrup

Multiple integer overflow vulnerability in QEMU Block Driver (CVE-2014-0143)

Release date:Updated on: Affected Systems:QEMUDescription:--------------------------------------------------------------------------------Bugtraq id: 66486CVE (CAN) ID: CVE-2014-0143QEMU is an open source simulator software.QEMU has multiple integer overflow vulnerabilities. Attackers can exploit these vulnerabilities to execute arbitrary code in the context of the affected application.Kevin Wolf*> Suggestion:----------------------------------------

cve-2017-2824 of Zabbix explosion high risk loophole

Guide Zabbix can monitor various network parameters, ensure the safe operation of the server system, and provide flexible notification mechanism for the system administrator to quickly locate/solve the various problems. about Zabbix Zabbix is an enterprise-class open source solution based on the Web interface that provides distributed system monitoring and network monitoring capabilities. Zabbix can monitor various network parameters, ensure the safe operation of the server system

Linux Kernel Local Memory Corruption Vulnerability (CVE-2017-16996)

Linux Kernel Local Memory Corruption Vulnerability (CVE-2017-16996)Linux Kernel Local Memory Corruption Vulnerability (CVE-2017-16996) Release date:Updated on:Affected Systems: Linux kernel Description: Bugtraq id: 102267CVE (CAN) ID: CVE-2017-16996Linux Kernel is the Kernel of the Linux operating system.Linux kernel 4.14.8 and earlier versions have securi

Microsoft. NET Framework security features Bypass Vulnerability (CVE-2018-0786)

Microsoft. NET Framework security features Bypass Vulnerability (CVE-2018-0786)Microsoft. NET Framework security features Bypass Vulnerability (CVE-2018-0786) Release date:Updated on:Affected Systems: Microsoft. NET Framework 4.7Microsoft. NET Framework 4.6.2Microsoft. NET Framework 4.6.1Microsoft. NET Framework 4.6Microsoft. NET Framework 4.5.2Microsoft. NET Framework 3.5.1Microsoft. NET Framework 3.5Mic

Total Pages: 15 1 .... 11 12 13 14 15 Go to: Go

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.