A web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send an evil request to cause the web framework to crash.

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.

Cross-site scripting vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.

In Eclipse Jetty, versions 9.2.x and older, 9.3.x, and 9.4.x, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and t ...

xrdp 0.9.1 calls the PAM function auth_start_session in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.

An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata is due to a failure to check a pointer for being in bounds and a failure in a check in dwarf_attr_list.

mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service by leveraging in-memory database representation when authenticating against a non-existent database.

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633.

The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service via a crafted file.

An issue was discovered in phpMyAdmin. phpinfo shows PHP information including values of HttpOnly cookies. All 4.6.x versions, 4.4.x versions, and 4.0.x versions are affected.



© SecPod Technologies