[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6547 Download | Alert*

Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the security-restricted operation sandbox. For additional information please refer to the upstream announcement at https://www.postgresql.org/support/security/CVE-2022-1552/

Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the security-restricted operation sandbox. For additional information please refer to the upstream announcement at https://www.postgresql.org/support/security/CVE-2022-1552/

Lahav Schlesinger discovered a vulnerability in the revocation plugin of strongSwan, an IKE/IPsec suite. The revocation plugin uses OCSP URIs and CRL distribution points which come from certificates provided by the remote endpoint. The plugin didn"t check for the certificate chain of trust before using those URIs, so an attacker could provided a crafted certificate containing URIs pointing to ser ...

Martin van Kervel Smedshammer discovered that varnish, a state of the art, high-performance web accelerator, is prone to a HTTP/2 request forgery vulnerability. See https://varnish-cache.org/security/VSV00011.html for details.

Robin Peraglie and Johannes Moritz discovered an argument injection bug in the xfce4-mime-helper component of xfce4-settings, which can be exploited using the xdg-open common tool. Since xdg-open is used by multiple standard applications for opening links, this bug could be exploited by an attacker to run arbitrary code on an user machine by providing a malicious PDF file with specifically crafted ...

Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, was suspectible to denial of service via recursive XML entity expansion.

Multiple security issues were discovered in MuJS, a lightweight JavaScript interpreter, which could result in denial of service and potentially the execution of arbitrary code.

Two security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in unauthenticated command injection or LDAP authentication bypass.

Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in HTTP request smuggling, cache poisoning or denial of service.

A logic error was discovered in the implementation of the "SafeSocks" option of Tor, a connection-based low-latency anonymous communication system, which did result in allowing unsafe SOCKS4 traffic to pass.


Pages:      Start    352    353    354    355    356    357    358    359    360    361    362    363    364    365    ..   654

© SecPod Technologies