[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

141151

 
 

909

 
 

114115

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 113901 Download | Alert*

A heap-based buffer overflow was found in the NSC_EncryptUpdate function in Mozilla nss. A remote attacker could trigger this flaw via SRTP encrypt or decrypt operations, to execute arbitrary code with the permissions of the user running the application . While the attack complexity is high, the impact to confidentiality, integrity, and availability are high as well. A cached side channel attack d ...

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE . Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may s ...

The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu * CVE-2020-8608 slirp4netns: QEMU: Slirp: potential OOB access due to unsafe snprintf usages * CV ...

Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine. Security Fix: * python-flask: Denial of Service via crafted JSON file For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

python-flask is installed

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

tomcat-servlet-3.0-api is installed

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell , but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions , a history mechanism, and more. Security Fix: * zsh: insecure dropping of privileges when unsetting PRIVIL ...

The virtualenv tool creates isolated Python environments. The virtualenv tool is a successor to workingenv, and an extension of virtual-python. Security Fix: * python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure * python-urllib3: CRLF injection due to not encoding the "\r\n" sequence leading to possible attack on internal service * python-reques ...

TODO: add package description Security Fix: * python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure * python-urllib3: CRLF injection due to not encoding the "\r\n" sequence leading to possible attack on internal service * python-urllib3: Certification mishandle when error should be thrown * python-requests: Redirect from HTTPS to HTTP does not re ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   11390

© SecPod Technologies