Aggregator

CVE-2016-9888 | GNOME Structured File Library 1.14.41 TAR File gsf-infile-tar.c tar_directory_for_file null pointer dereference (FEDORA-2016-6ba1694d89 / Nessus ID 95677)

Vuldb Updates
10 months ago
A vulnerability was found in GNOME Structured File Library 1.14.41 and classified as problematic. This issue affects the function tar_directory_for_file of the file gsf-infile-tar.c of the component TAR File Handler. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2016-9888. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days

Help Net Security
10 months ago

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, … More →

The post Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days appeared first on Help Net Security.

Help Net Security

CVE-2007-2664 | Tomasz Rekawek Yet Another Asterisk Panel up to 1.5 includes/common.php __autoload root_path file inclusion (EDB-3908 / XFDB-34264)

Vuldb Updates
10 months ago
A vulnerability was found in Tomasz Rekawek Yet Another Asterisk Panel up to 1.5. It has been rated as critical. This issue affects the function __autoload of the file includes/common.php. The manipulation of the argument root_path leads to file inclusion. The identification of this vulnerability is CVE-2007-2664. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2012-4412 | GNU C Library 2.16 string/strcoll_l.c strcoll numeric error (Issue #1 / EDB-37783)

Vuldb Updates
10 months ago
A vulnerability was found in GNU C Library 2.16. It has been declared as critical. Affected by this vulnerability is the function strcoll of the file string/strcoll_l.c of the component C Library. The manipulation leads to numeric error. This vulnerability is known as CVE-2012-4412. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Weekly Update 417

Troy Hunt
10 months ago

Today was all about this whole idea of how we index and track data breaches. Not as HIBP, but rather as an industry; we simply don't have a canonical reference of breaches and their associated attributes. When they happened, how many people were impacted, any press on the

Troy Hunt

Managed ad