Tilibming-dev attack vulnerability

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content between a SIP header name and a colon character. Rather than following RFC3261 and stripping only spaces and ...

The printMP3Headers function in listmp3.c in Liblibming-dev 0.4.7 allows remote attackers to cause a denial of service via a crafted mp3 file.

Cross-site scripting vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the name when creating a new monitor.

An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.

Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie.

Multiple cross-site scripting (XSS) vulnerabilities in the View Raw Source page in the Web Calendar in SOGo before 3.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Description, (2) Location, (3) URL, or (4) Title field.

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on /opt/.lxc-attach-script, the archived container in the archive_path directory, or the lxc-attach-script.log or lxc-attach-script.err files in the temporary directory.

The XvQueryAdaptors and XvQueryEncodings functions in X.org libxv-dev before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.

Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in libopenjpeg-dev, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPEG 2000 data.



© SecPod Technologies