|Paid content will be excluded from the download.
| Matches : 3114
|Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-2213 SQL Injection allowed a remote attacker to compromise the site. CVE-2015-5622 The robustness of the shortcodes HTML tags filter has been improved. The parsing is a bit more strict, which may affect your installation. This is the corrected version of the patch that needed to be reverted in DSA 3328-2. C ...
Tobias Brunner found an authentication bypass vulnerability in strongSwan, an IKE/IPsec suite. Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without providing valid credentials. It"s possible to recognize such attacks by looking at the server logs. Th ...
Multiple vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution. Upstream support for the 4.1 release series has ended and since no information is available which would allow backports of isolated security fixes, security support for virtualbox in wheezy/oldstable needed to be ended as well. If you use virtualbox with externally procured VMs we advise you to update to ...
Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt11 library could be leaked via a side-channel attack. See https://www.cs.tau.ac.IL/~tromer/ecdh/ for details.
Several vulnerabilities were discovered in imlib2, an image manipulation library. CVE-2014-9762 A segmentation fault could occur when opening GIFs without a colormap. CVE-2014-9763 Several divisions by zero, resulting in a program crash, could occur when handling PNM files. CVE-2014-9764 A segmentation fault could occur when opening GIFs with feh.
It was discovered that a buffer overflow in the XMLRPC response encoding code of the Atheme IRC services may result in denial of service.
Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit for image loading and pixel buffer manipulation. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using gdk-pixbuf , or potentially, to execute arbitrary code with the privileges of the user running the application, if a malformed image is opened.
The upgrade to Samba 4.2 issued as DSA-3548-1 introduced several upstream regressions and as well a packaging regression causing errors on upgrading the packages. Updated packages are now available to address these problems.
Two vulnerabilities have been discovered in the server for the Tryton application platform, which may result in information disclosure of password hashes or file contents.
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.27, which includes additional bug fixes. Please refer to the upstream changelog for more information: https://php.net/ChangeLog-5.php#5.6.27
Pages:      Start    286    287    288    289    290    291    292    293    294    295    296    297    298    299    ..   311
© 2013 SecPod Technologies