José Ramón Palanco discovered that a cross site scripting vulnerability in GForge, a collaborative development tool, allows remote attackers to inject arbitrary web script or HTML in the context of a logged in user's session. The old stable distribution (sarge) is not affected by this problem.

"unsticky" discovered that b2evolution, a blog engine, performs insufficient input sanitising, allowing for cross site scripting.

It has been discovered that the signal handler implementing the login timeout in Debian's version of the OpenSSH server uses functions which are not async-signal-safe, leading to a denial of service vulnerability (CVE-2008-4109). The problem was originally corrected in OpenSSH 4.4p1 (CVE-2006-5051), but the patch backported to the version released with etch was incorrect. Systems affected by this ...

Several vulnerabilities have been found in a2ps, an "Anything to PostScript" converter and pretty-printer. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2001-1593 The spy_user function which is called when a2ps is invoked with the --debug flag insecurely used temporary files. CVE-2014-0466 Brian M. Carlson reported that a2ps's fixps script does not invoke ...

Two vulnerabilities were found in the PJSIP/PJProject communication library, which may result in denial of service.

Two vulnerabilities have been discovered in the web interface of the Deluge BitTorrent client.

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks.

Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work: CVE-2017-8808 Cross-site-scripting with non-standard URL escaping and $wgShowExceptionDetails disabled. CVE-2017-8809 Reflected file download in API. CVE-2017-8810 On private wikis the login form didn't distinguish between login failure due to bad username and bad password. CVE-2017-8811 I ...

Multiple security vulnerabilities have been found in oSIP, a library implementing the Session Initiation Protocol, which might result in denial of service through malformed SIP messages.

Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.11

