[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6547 Download | Alert*

Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks.

Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks.

An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands.

Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of these flaws for local root privilege escalation.

It was discovered that ecdsautils, a collection of ECDSA elliptic curve cryptography CLI tools verified some cryptographic signatures incorrectly: A signature consisting only of zeroes was always considered valid, making it trivial to forge signatures.

Several security vulnerabilities have been discovered in smarty3, the compiling PHP template engine. Template authors are able to run restricted static php methods or even arbitrary PHP code by crafting a malicious math string or by choosing an invalid {block} or {include} file name. If a math string was passed through as user provided data to the math function, remote users were able to run arbit ...

Elton Nokaj discovered that incorrect error handling in Bottle, a WSGI framework for Python, could result in the disclosure of sensitive information.

It was discovered that Booth, a cluster ticket manager, didn"t correctly restrict intra-node communication when configuring the authfile configuration directive.

A vulnerability was discovered in open-vm-tools, an open source implementation of VMware Tools, allowing an unprivileged local guest user to escalate their privileges as root user in the virtual machine.

Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service.


Pages:      Start    351    352    353    354    355    356    357    358    359    360    361    362    363    364    ..   654

© SecPod Technologies