[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15124 Download | Alert*

gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload,which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications , see information from the extensions , or even execute arbitrary commands. It all depends on what extensions a user has enabled. The problem is caused by lack of exception handling in js/ui/extension ...

In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address.

The bufRead::get function in libzpaq/libzpaq.h in liblrzip.so in lrzip0.631 allows remote attackers to cause a denial of service via a crafted archive.

Drupal core 7.x versions before 7.57 when using Drupal"s private filesystem, Drupal will check to make sure a user has access to a file before allowing the user to view or download it. This check fails under certain conditions in which one module is trying to grant access to the file and another is trying to deny it, leading to an access bypass vulnerability.This vulnerability is mitigated by the ...

The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service via a crafted binary file, related to use of a variable-size stackarray.

The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service via a crafted PDF document.

PoDoFo 0.9.5 allows denial of service via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure .

The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo0.9.5 allows remote attackers to cause a denial of service via a crafted file.

The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allow sremote attackers to cause a denial of service via a crafted archive.

ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component with a symbolic link. The threat model incl ...


Pages:      Start    585    586    587    588    589    590    591    592    593    594    595    596    597    598    ..   1512

© SecPod Technologies