Author: Cyberthreat Blog

The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is...

Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.

The Fedora Nagios package uses “nagiosadmin” as the default password for the “nagiosadmin” administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the...

game-music-emu before 0.6.1 mishandles unspecified integer values.

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.