[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6552 Download | Alert*

Tom Lane discovered that ALTER ... DEPENDS ON EXTENSION sub commands in the PostgreSQL database did not perform authorisation checks.

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when "noscript" and one or more raw text tags were whitelisted.

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when strip=False and "math" or "svg" tags and one or more of the RCDATA tags were whitelisted.

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when "noscript" and one or more raw text tags were whitelisted.

Felix Wilhelm of Google Project Zero discovered that HAProxy, a TCP/HTTP reverse proxy, did not properly handle HTTP/2 headers. This would allow an attacker to write arbitrary bytes around a certain location on the heap, resulting in denial-of-service or potential arbitrary code execution.

A flaw was reported in the DTLS protocol implementation in GnuTLS, a library implementing the TLS and SSL protocols. The DTLS client would not contribute any randomness to the DTLS negotiation, breaking the security guarantees of the DTLS protocol.

Three vulnerabilities have been found in the MySQL Connector/J JDBC driver.

The following vulnerability has been discovered in the webkit2gtk web engine: CVE-2020-11793 Cim Stordal discovered that maliciously crafted web content may lead to arbitrary code execution or a denial of service.

Bernd Edlinger discovered that malformed data passed to the SSL_check_chain function during or after a TLS 1.3 handshake could cause a NULL dereference, resulting in denial of service. The oldstable distribution is not affected.

It was discovered that insufficient sanitising of received network packets in the game server of Teeworlds, an online multi-player platform 2D shooter, could result in denial of service.


Pages:      Start    340    341    342    343    344    345    346    347    348    349    350    351    352    353    ..   655

© SecPod Technologies