[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6530 Download | Alert*

Wen Bin discovered that bchunk, an application that converts a CD image in bin/cue format into a set of iso and cdr/wav tracks files, did not properly check its input. This would allow malicious users to crash the application or potentially execute arbitrary code.

Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. CVE-2017-12867 Attackers with access to a secret token could extend its validity period by manipulating the prepended time offset. CVE-2017-12869 When using the multiauth module, attackers can bypass authentication context restrictions and use any authentication source de ...

Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. CVE-2017-12867 Attackers with access to a secret token could extend its validity period by manipulating the prepended time offset. CVE-2017-12869 When using the multiauth module, attackers can bypass authentication context restrictions and use any authentication source de ...

James Forshaw discovered that, in Apache Santuario XML Security for Java, CanonicalizationMethod parameters were incorrectly validated: by specifying an arbitrary weak canonicalization algorithm, an attacker could spoof XML signatures.

One of the security fixes released as DSA 5356 introduced a regression in the processing of specific WAV files. Updated sox packages are available to correct this issue.

It was discovered that SPIP, a website engine for publishing, would allow a malicious user to SQL injection attacks, or bypass authorization access.

Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitisation of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is mounted.

Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitisation of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is mounted.

Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files.

Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files.


Pages:      Start    403    404    405    406    407    408    409    410    411    412    413    414    415    416    ..   652

© SecPod Technologies