CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener

It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requ ...

A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. A denial of service flaw was found in the way BIND handled query requests when using DNS64 with "break-dnssec yes" option. A r ...

Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c. An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact via specially crafted VNC packets.

LibVNC contains a heap out-of-bounds write vulnerability in the server code of the file transfer extension that can result in remote code execution.

A vulnerability was found in a previous version of mod_auth_mellon. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic in apr_uri_parse fun ...

An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to a ...

The tiff_document_render and tiff_document_get_thumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files



© SecPod Technologies