[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80802 Download | Alert*

Security constrained bypass in error page mechanism:A vulnerability was discovered in the error page mechanism in Tomcat"s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page

Security constrained bypass in error page mechanism:A vulnerability was discovered in the error page mechanism in Tomcat"s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page

Security Fix: A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG signature for a dynamic update request. A flaw was found in the way BIND handled TSIG authentication of AXFR requests. A remote attacker, able ...

Security constrained bypass in error page mechanism:A vulnerability was discovered in the error page mechanism in Tomcats DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page

Out-of-bounds read in fr_dhcp_decode_options:An out-of-bounds read flaw was found in the way FreeRADIUS server handles decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP request. Out-of-bounds read in fr_dhcp_decode when decoding option 63:An out-of-bounds read flaw was found in the way FreeRADIUS server handled decodi ...

Security constrained bypass in error page mechanism:While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application ...

Vulnerabilities in the Graphite 2 library A heap-based buffer overflow flaw related to lz4::decompress has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code. Heap-buffer-overflow write "lz4::decompress" A heap-based buffer overflow flaw related to lz4::decompress has been reported in graphite2. An attacker could exploit this iss ...

CRLF injection in the url_parse function in url.cA CRLF injection flaw was found in the way wget handled URLs. A remote attacker could use this flaw to inject arbitrary HTTP headers in requests, via CRLF sequences in the host sub-component of a URL, by tricking a user running wget into processing crafted URLs

Integer overflow in nlmsg_reserve:An integer overflow leading to a heap-buffer overflow was found in the libnl library. An attacker could use this flaw to cause an application compiled with libnl to crash or possibly execute arbitrary code in the context of the user running such an application

popd controlled free:A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session.Arbitrary code execution via malicious hostname:An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use t ...


Pages:      Start    3434    3435    3436    3437    3438    3439    3440    3441    3442    3443    3444    3445    3446    3447    ..   8080

© SecPod Technologies