CVE-2015-8842
tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.
Source: CVE-2015-8842
[월:] 2016년 04월
CVE-2015-7802
CVE-2015-7802
gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file.
Source: CVE-2015-7802
CVE-2015-7801
CVE-2015-7801
Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers to execute arbitrary code via a crafted PNG file.
Source: CVE-2015-7801
CVE-2014-9770
CVE-2014-9770
tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
Source: CVE-2014-9770
CVE-2016-3628 (enterprise_message_service, enterprise_message_service_appliance)
CVE-2016-3628 (enterprise_message_service, enterprise_message_service_appliance)
Buffer overflow in tibemsd in the server in TIBCO Enterprise Message Service (EMS) before 8.3.0 and EMS Appliance before 2.4.0 allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via crafted inbound data.
Source: CVE-2016-3628 (enterprise_message_service, enterprise_message_service_appliance)
CVE-2016-2390
CVE-2016-2390
The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the –with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message.
Source: CVE-2016-2390
CVE-2016-0741
CVE-2016-0741
slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.
Source: CVE-2016-0741
CVE-2015-8779
CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
Source: CVE-2015-8779
CVE-2015-8778
CVE-2015-8778
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
Source: CVE-2015-8778
CVE-2015-8776
CVE-2015-8776
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
Source: CVE-2015-8776