Aggregator

CVE-2017-9038 | GNU binutils 2.28 ELF File elfcomm.c get_unwind_section_word out-of-bounds (Nessus ID 103270 / ID 170587)

Vuldb Updates
7 months 2 weeks ago
A vulnerability was found in GNU binutils 2.28 and classified as problematic. This issue affects the function get_unwind_section_word of the file elfcomm.c of the component ELF File Handler. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2017-9038. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2017-7614 | GNU binutils 2.28 BFD Library elflink.c main File Descriptor null pointer dereference (Nessus ID 105225 / ID 170587)

Vuldb Updates
7 months 2 weeks ago
A vulnerability was found in GNU binutils 2.28 and classified as problematic. This issue affects the function main of the file elflink.c of the component BFD Library. The manipulation as part of File Descriptor leads to null pointer dereference. The identification of this vulnerability is CVE-2017-7614. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2017-8395 | GNU binutils 2.28 BFD Library malloc null pointer dereference (Bug 21431 / Nessus ID 105225)

Vuldb Updates
7 months 2 weeks ago
A vulnerability was found in GNU binutils 2.28 and classified as problematic. This issue affects the function malloc of the component BFD Library. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2017-8395. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Product showcase: Securing Active Directory passwords with Specops Password Policy

Help Net Security
7 months 2 weeks ago

Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of unauthorized access and data breaches. These policies not only protect sensitive data but also align with best practices and compliance requirements, such as those outlined by NIST. Specops research has found that passwords are still used by 88% of organizations. So even if they can cause … More →

The post Product showcase: Securing Active Directory passwords with Specops Password Policy appeared first on Help Net Security.

Help Net Security

CVE-2024-12147 | Netgear R6900 1.0.1.26_1.0.20 HTTP Header upgrade_check.cgi Content-Length buffer overflow

VulDB Recent Entries
7 months 2 weeks ago
A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. This vulnerability is known as CVE-2024-12147. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2024-10576 | Infinix Mobile com.transsion.agingfunction 13 intent by broadcast receiver

VulDB Recent Entries
7 months 2 weeks ago
A vulnerability was found in Infinix Mobile com.transsion.agingfunction 13 and classified as critical. This issue affects some unknown processing. The manipulation leads to improper verification of intent by broadcast receiver. The identification of this vulnerability is CVE-2024-10576. An attack has to be approached locally. There is no exploit available.
vuldb.com

CVE-2024-8894 | Open Design Alliance ODA Drawings SDK 2024.10 DWF File out-of-bounds write

VulDB Recent Entries
7 months 2 weeks ago
A vulnerability has been found in Open Design Alliance ODA Drawings SDK 2024.10 and classified as critical. This vulnerability affects unknown code of the component DWF File Handler. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2024-8894. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad