[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247621

 
 

909

 
 

194512

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15100 Download | Alert*

An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI.This allows attackers to bypass authentication by inserting a token into anX-Auth-Token header of a new request. NOTE: githu ...

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash .

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.

An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.

An issue was discovered in OpenStack nova-common 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header,result ing in a denial of service attack on the compute host. All nova-common setups supporting encrypted volumes are affected.

The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19edoes not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.

In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brunfunction in plug-ins/file-fli/fli.c.

wp-admin/user-new.php in WordPress before 4.9.1 sets the new bloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.

In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.

The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library 0.6.1 does not ensure anon-negative size, which allows remote attackers to cause a denial of service via a crafted file.


Pages:      Start    595    596    597    598    599    600    601    602    603    604    605    606    607    608    ..   1509

© SecPod Technologies