[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6531 Download | Alert*

Martin van Kervel Smedshammer discovered that varnish, a state of the art, high-performance web accelerator, is prone to a HTTP/2 request forgery vulnerability. See https://varnish-cache.org/security/VSV00011.html for details.

It was discovered that missing input sanitising in the ctags functionality of Emacs may result in the execution of arbitrary shell commands.

An out-of-bounds memory access was discovered in the mod_extforward plugin of the lighttpd web server, which may result in denial of service.

Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting attacks, create open redirects, escalate privileges, and bypass authorization access.

Damian Poddebniak and Fabian Ising discovered two security issues in the STARTTLS handling of the Neomutt mail client, which could enable MITM attacks.

Several vulnerabilities were discovered in coturn, a TURN and STUN server for VoIP. CVE-2020-4067 Felix Doerre reported that the STUN response buffer was not properly initialised, which could allow an attacker to leak bytes in the padding bytes from the connection of another client. CVE-2020-6061 Aleksandar Nikolic reported that a crafted HTTP POST request can lead to information leaks and other m ...

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when "svg" or "math" are in the allowed tags, "p" or "br" are in allowed tags, "style", "title", "noscript", "script", "textarea", "noframes", "iframe", or "xmp" are in allowed tags and "strip_comments=False" is set.

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when "svg" or "math" are in the allowed tags, "p" or "br" are in allowed tags, "style", "title", "noscript", "script", "textarea", "noframes", "iframe", or "xmp" are in allowed tags and "strip_comments=False" is set.

Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems: Tim Bunce discovered that the implementation of the procedural language PL/Perl insufficiently restricts the subset of allowed code, which allows authenticated users the execution of arbitrary Perl code. Tom Lane di ...

Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1169 Tim Bunce discovered that the implementation of the procedural language PL/Perl insufficiently restricts the subset of allowed code, which allows authenticated users the execution of arbitrary Perl cod ...


Pages:      Start    414    415    416    417    418    419    420    421    422    423    424    425    426    427    ..   653

© SecPod Technologies