[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

111017

 
 

909

 
 

86402

 
 

136

 
 
Paid content will be excluded from the download.

Filter
Matches : 3187 Download | Alert*

It was discovered that Cacti, a frontend to rrdtool for monitoring systems and services missed input sanitising, making an SQL injection attack possible.

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: David James discovered that the window.opener property allows Chrome privilege escalation. Jordi Chanel discovered a spoofing vulnerability of the URL location bar using t ...

The forms library of python-django, a high-level Python web development framework, is using a badly chosen regular expression when validating email addresses and URLs. An attacker can use this to perform denial of service attacks (100\\\\% CPU consumption) due to bad backtracking via a specially crafted email address or URL which is validated by the django forms library. python-django in the oldst ...

This update restores the PID file location for bind to the location before the last security update. For reference, here is the original advisory text that explains the security problems fixed: Several cache-poisoning vulnerabilities have been discovered in BIND. These vulnerabilities are apply only if DNSSEC validation is enabled and trust anchors have been installed, which is not the default. Th ...

Bui Quang Minh discovered that libxml2, a library for parsing and handling XML data files, does not well process a malformed XPATH, causing crash and allowing arbitrary code execution. For the stable distribution , this problem has been fixed in version 2.6.32.dfsg-5+lenny2. For the testing and unstable distribution, this problem has been fixed in version 2.7.8.dfsg-1. We recommend that you upgr ...

Several vulnerabilities have been discovered in Moodle, an online course management system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4297 Multiple cross-site request forgery vulnerabilities have been discovered. CVE-2009-4298 It has been discovered that the LAMS module is prone to the disclosure of user account information. CVE-2009-4299 The Glo ...

The updated packages from DSA-2154-1 introduced a regression which prevented unprivileged users from using "exim4 -bf" to test filter configurations. This update fixes this problem. Please also read the information provided in DSA-2154-1 if you have not done so already.

CVE-2009-3555: Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user"s session. This update adds backported support for the new RFC5746 renegotiation extension which fixes this issue. If openssl is u ...

The forms library of python-django, a high-level Python web development framework, is using a badly chosen regular expression when validating email addresses and URLs. An attacker can use this to perform denial of service attacks due to bad backtracking via a specially crafted email address or URL which is validated by the django forms library. python-django in the oldstable distribution , is not ...

Two issues have been found in the Apache HTTPD web server: CVE-2011-3192 A vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This vulnerability allows an attacker to cause Apache HTTPD to use an excessive amount of memory, causing a denial of service. CVE-2010-1452 A vulnerability has been found in mod_dav that allows an attacker to cau ...


Pages:      Start    286    287    288    289    290    291    292    293    294    295    296    297    298    299    ..   318

© SecPod Technologies