
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext.

The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service via a crafted PDF document.

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.

CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves hosting a crafted plugin that executes an arbitrary program from its __init__.py file and causing the victim to download, install, and enable this plugin.

Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in libjasper-dev 2.0.10 allows remote attackers to have unspecified impact via a crafted image.

The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service via a crafted DEX file.

In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free.

WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking.

Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 have a Drupal.checkPlain JavaScript function which is used to escape potentially dangerous text before outputting it to HTML. This function does not correctly handle all methods of injecting malicious HTML, leading to a cross-site scripting vulnerability under certain circumstances. The PHP functions which Drupal provides for H ...

Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.



© SecPod Technologies