(Jan 7) Anton Johannson discovered that an invalid TLS handshake package could crash OpenSSL with a NULL pointer dereference. The oldstable distribution (squeeze) is not affected. [More…]
(Dec 24) It was discovered that Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications, incorrectly handled file names with NULL bytes in serialized instances. A remote attacker able to supply a serialized [More…]
(Sep 24) It was discovered that PyOpenSSL, a Python wrapper around the OpenSSL library, does not properly handle certificates with NULL characters in the Subject Alternative Name field. [More…]
(Jun 10) Jibbers McGee discovered that pymongo, a high-performance schema-free document-oriented data store, is prone to a denial-of-service vulnerability. An attacker can remotely trigger a NULL pointer dereference causing MongoDB [More…]
60 queries. 8.5 mb Memory usage. 1.242 seconds.