[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78764

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 5679 Download | Alert*

The host is installed with Opera before 12.13 and is prone to cross site request forgery bypass vulnerability. A flaw is present in the application, which fails to send CORS preflight requests in all required cases. Successful exploitation allows attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.

The host is installed with Opera before 12.13 and is prone to plaintext-recovery attack vulnerability. A flaw is present in the application, which does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding. Successful exploitation allows attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical ana ...

The host is installed with Opera before 12.15 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle certain weakness in the RC4 encryption protocol. Successful exploitation allows attackers to deduce the plaintext and has some unknown impact and attack vectors.

The host is installed with Opera before 12.15 and is prone to information-disclosure vulnerability. A flaw is present in the application, which fails to properly block top-level domains in Set-Cookie headers. Successful exploitation allows attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain.

The host is installed with Elasticsearch 1.0.0 before 1.6.1 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle unspecified vectors related to snapshot API calls. Successful exploitation could allow attackers to read arbitrary files.

The host is installed with Elasticsearch before 1.6.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which doesn't ensure that only trusted applications have access to the transport protocol port. Successful exploitation could allow attackers to execute remote code.

The host is installed with Elasticsearch 1.0.0 before 1.5.2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which doesn't ensure that other applications are not present on the system, or that Elasticsearch cannot write into areas where these applications would read. Successful exploitation could allow attackers to use Elasticsearch to modify files read ...

net/ipv4/tcp_input.c in the Linux kernel through 0:3.16.7-ckt25-2+deb8u3 does not properly determine the rate of challenge ACK segments, which makes it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack.

The host is installed with Linux Kernel on Ubuntu 12.04, 14.04 and 16.04 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to hijack TCP sessions.

The host is installed with cryptsetup before 2:1.6.6-5 on Debian 8 or before 2:1.4.3-4 on Debian 7 and is prone to security bypass vulnerability. A flaw is present in scripts, which unlock the system partition when the partition is ciphered using LUKS (Linux Unified Key Setup). Successful exploitation could allow remote attackers to obtain a root initramfs shell on affected systems.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   567

© 2013 SecPod Technologies