[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252097

 
 

909

 
 

196747

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15028 Download | Alert*

The host is installed with Ruby on Rails before 2.3.13 or 3.0.x before 3.0.10 or 3.1.x before 3.1.0.rc5 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application which fails to properly handle strip_tags helper. Successful exploitation allows remote attackers to inject arbitrary web script or HTML into the response.

The host is installed with Ruby on Rails before 2.3.13 or 3.0.x before 3.0.10 or 3.1.x before 3.1.0.rc5 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application which fails to properly handle escaping function. Successful exploitation allows remote attackers to bypass the escaping code via a malformed unicode string.

The host is installed with Ruby on Rails 2.3.x before 2.3.13 and is prone to CRLF injection vulnerability. A flaw is present in the application which fails to sufficiently validate the values provided. Successful exploitation allows remote attackers to inject arbitrary HTTP headers into a response.

The host is installed with Adobe Reader and Acrobat and is prone to input validation vulnerability. A flaw is present in the applications, which fail to properly perform input validation. Successful exploitation allows remote attackers to execute arbitrary code using a crafted 3D file.

The host is installed with Ruby on Rails 3.0.5 and is prone to security bypass vulnerability. A flaw is present in the application which fails to properly validate the X-Forwarded-For header in requests from IP addresses on a Class C network. Successful exploitation allows remote attackers to bypass intended address parsing or inject arbitrary text into log files.

The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark, which fails to validate a certain frame size. Successful exploitation could allow attackers to crash the service.

The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a buffer exception. Successful exploitation could allow attackers to crash the service.

The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector, which fails to initialize a certain structure member. Successful exploitation could allow attackers to crash the service.

The host is installed with Wireshark 1.4.x before 1.4.9 or 1.6.x before 1.6.2 and is prone to an Untrusted search path vulnerability. A flaw is present in the application, which fails to prevent local users from gaining privileges. Successful exploitation could allow attackers to run arbitrary Lua scripts.

The host is installed with Adobe Reader and Acrobat and is prone to input validation vulnerability. A flaw is present in the applications, which fail to properly perform input validation. Successful exploitation allows remote attackers to execute arbitrary code using a crafted 3D file.


Pages:      Start    1177    1178    1179    1180    1181    1182    1183    1184    1185    1186    1187    1188    1189    1190    ..   1502

© SecPod Technologies