[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 3116 Download | Alert*

It was discovered that the swift3 middleware plugin for Swift performed insufficient validation of date headers which might result in replay attacks.

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1696 A cross-origin bypass was found in the bindings to extensions. CVE-2016-1697 Mariusz Mlynski discovered a cross-origin bypass in Blink/Webkit. CVE-2016-1698 Rob Wu discovered an information leak. CVE-2016-1699 Gregory Panakkal discovered an issue in the Developer Tools feature. CVE-2016-1700 Rob Wu discovered a ...

Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed documented is opened.

Two vulnerabilities were discovered in MuPDF, a lightweight PDF viewer. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-6265 Marco Grassi discovered a use-after-free vulnerability in MuPDF. An attacker can take advantage of this flaw to cause an application crash , or potentially to execute arbitrary code with the privileges of the user running MuPDF, i ...

Several programming errors in the wrestool tool of icoutils, a suite of tools to create and extract MS Windows icons and cursors, allow denial of service or the execution of arbitrary code if a malformed binary is parsed.

A denial of service vulnerability was identified in strongSwan, an IKE/IPsec suite, using Google"s OSS-Fuzz fuzzing project. The gmp plugin in strongSwan had insufficient input validation when verifying RSA signatures. This coding error could lead to a null pointer dereference, leading to process crash.

Klaus-Peter Junghann discovered that insufficient validation of RTCP packets in Asterisk may result in an information leak

It was discovered that mahara, an electronic portfolio, weblog, and resume builder is prone to several cross-site scripting attacks, which allow an attacker to inject arbitrary HTML or script code and steal potential sensitive data from other users. The oldstable distribution (etch) does not contain mahara.

Dan Rosenberg discovered that Transmission, a lightwight client for the Bittorrent filesharing protocol performs insufficient sanitising of file names specified in .torrent files. This could lead to the overwrite of local files with the privileges of the user running Transmission if the user is tricked into opening a malicious torrent file. For the stable distribution , this problem has been fixed ...

DSA 2276-1 for Asterisk in the oldstable distribution introduced a functionality bug which invokes an undefined symbol.

Pages:      Start    274    275    276    277    278    279    280    281    282    283    284    285    286    287    ..   311

© 2013 SecPod Technologies