
It was discovered that ZeroMQ, a lightweight messaging kernel library, does not properly handle connecting peers before a handshake is completed. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of this flaw to cause a denial of service affecting authenticated and e ...

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks.

Two cross-site scripting vulnerabilities were discovered in the Django Rest Framework, a toolkit to build web APIs.

A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight PDF viewer, which may result in denial of service or the execution of arbitrary code if malformed documents are opened.

Several vulnerabilities were discovered in WordPress, a web blogging tool. They allowed remote attackers to run insecure deserialization, embed spam, perform various Cross-Site Scripting or Cross-Site Request Forgery attacks, escalate privileges, run arbitrary code, and delete arbitrary files.

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, privilege escalation or information leaks.

It was discovered that the default blacklist of XStream, a Java library to serialise objects to XML and back again, was vulnerable to the execution of arbitrary shell commands by manipulating the processed input stream. For additional defense-in-depth it is recommended to switch to the whitelist approach of XStream's security framework. For additional information please refer to https://github.com ...

Guenal Davalan reported a flaw in x11vnc, a VNC server to allow remote access to an existing X session. x11vnc creates shared memory segments with 0777 mode. A local attacker can take advantage of this flaw for information disclosure, denial of service or interfering with the VNC session of another user on the host.

Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent implementation, could misinterpret a malformed authority component in a request URI and pick the wrong target host for request execution.


© SecPod Technologies