|Paid content will be excluded from the download.
| Matches : 2999
|Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5006 Mariusz Mlynski discovered a cross-site scripting issue. CVE-2017-5007 Mariusz Mlynski discovered another cross-site scripting issue. CVE-2017-5008 Mariusz Mlynski discovered a third cross-site scripting issue. CVE-2017-5009 Sean Stanek and Chip Bradford discovered an out-of-bounds memory issue in the webrtc li ...
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.
Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to hijack victims" credentials, access sensitive information, execute arbitrary commands, bypass read and post restrictions, or mount denial-of-service attacks.
Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. CVE-2016-9588 Jim Mattson discovered that the KVM implementation for Intel x86 processors does not properly handle #BP and #OF exceptions in an L2 virtual machine. A local attacker in an L2 guest VM can take advantage of this flaw to cause a denial of ...
George Noseevich discovered that firebird2.5, a relational database system, did not properly check User-Defined Functions , thus allowing remote authenticated users to execute arbitrary code on the firebird server.
Two vulnerabilities have been found in the MySQL Connector/J JDBC driver.
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in privilege escalation, denial of service, newline injection in SMTP or use of insecure cryptography.
It was discovered that unrestricted YAML deserialisation of data sent from agents to the server in the Puppet configuration management system could result in the execution of arbitrary code. Note that this fix breaks backward compability with Puppet agents older than 3.2.2 and there is no safe way to restore it. This affects puppet agents running on Debian wheezy; we recommend to update the the pu ...
Agostino Sarubbo discovered multiple vulnerabilities in zziplib, a library to access Zip archives, which could result in denial of service and potentially the execution of arbitrary code if a malformed archive is processed.
Pages:      Start    275    276    277    278    279    280    281    282    283    284    285    286    287    288    ..   299
© 2013 SecPod Technologies