[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111543

 
 

909

 
 

86957

 
 

136

 
 
Paid content will be excluded from the download.

Filter
Matches : 3208 Download | Alert*

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.

Several vulnerabilities were discovered in jruby, a Java implementation of the Ruby programming language. They would allow an attacker to use specially crafted gem files to mount cross-site scripting attacks, cause denial of service through an infinite loop, write arbitrary files, or run malicious code.

Multiple security vulnerabilities were discovered in the Tomcat servlet and JSP engine, as well as in its Debian-specific maintainer scripts. Those flaws allowed for privilege escalation, information disclosure, and remote code execution. As part of this update, several regressions stemming from incomplete fixes for previous vulnerabilities were also fixed.

Multiple security vulnerabilities were discovered in the Tomcat servlet and JSP engine, as well as in its Debian-specific maintainer scripts. Those flaws allowed for privilege escalation, information disclosure, and remote code execution. As part of this update, several regressions stemming from incomplete fixes for previous vulnerabilities were also fixed.

Several vulnerabilities were discovered in cURL, an URL transfer library: CVE-2016-8615 It was discovered that a malicious HTTP server could inject new cookies for arbitrary domains into a cookie jar. CVE-2016-8616 It was discovered that when re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. CVE-2016-8617 It was discovered t ...

Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation.

Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation.

Several vulnerabilities were discovered in the resolver in nginx, a small, powerful, scalable web/proxy server, leading to denial of service or, potentially, to arbitrary code execution. These only affect nginx if the "resolver" directive is used in a configuration file.

James Davis discovered two issues in Django, a high-level Python web development framework, that can lead to a denial-of-service attack. An attacker with control on the input of the django.utils.html.urlize function or django.utils.text.Truncator"s chars and words methods could craft a string that might stuck the execution of the application.

Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to inject a Password helper parameter into the configuration data passed to vpnc, allowing a local user with privileges to modify a system connection to execute arbitrary commands as root.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   320

© SecPod Technologies