CVS prior to 1.10.8 does not properly initialize a global variable, which allows remote malicious users to cause a denial of service (server crash) via the diff capability.
Kim Nielsen recently found an internal problem with the CVS server and
reported it to the vuln-dev mailing list The problem is triggered by
an improperly initialized global variable A user exploiting this can
crash the CVS server, which may be accessed through the pserver
service and running under a remote user id It is not yet clear if
the remo ...
There is a vulnerability in the zlib compression library This code is
used in multiple applications While we have not identified any Cisco product
that is directly impacted by the vulnerability, there are several products that
are using third-party modules that are vulnerable or that are running on an
operating system that is vulnerable ...