
It was discovered that ruby-image-processing, a Ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when the #apply method is used to apply a series of operations coming from unsanitized user input.

Several vulnerabilities were discovered in WordPress, a web blogging tool. They allowed remote attackers to perform SQL injection, run unchecked SQL queries, bypass hardening, or perform Cross-Site Scripting attacks.

Marlon Starkloff discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This would allow a malicious user to execute arbitrary code.

It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly validate access for the pipe, handle and printer I/O devices, which could result in the execution of arbitrary code if a malformed PostScript file is processed.

Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service.

XStream serializes Java objects to XML and back again. Versions prior to 1.4.15-3+deb11u2 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This u ...

Several vulnerabilities have been discovered in Mercurial, a distributed version control system. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-3068: Blake Burkhart discovered that Mercurial allows URLs for Git subrepositories that could result in arbitrary code execution on clone. CVE-2016-3069: Blake Burkhart discovered that Mercurial allows arbitrary co ...


© SecPod Technologies