[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 86297 Download | Alert*

Jann Horn discovered a vulnerability in the fuse package in Debian. The fuse package ships an udev rules adjusting permissions on the related /dev/cuse character device, making it world writable. This permits a local, unprivileged attacker to create an arbitrarily-named character device in /dev and modify the memory of any process that opens it and performs an ioctl on it. This in turn might allo ...

Several vulnerabilities were found in SPIP, a website engine for publishing, resulting in code injection. CVE-2016-3153 g0uZ et sambecks, from team root-me, discovered that arbitrary PHP code could be injected when adding content. CVE-2016-3154 Gilles Vincent discovered that deserializing untrusted content could result in arbitrary objects injection.

High-Tech Bridge Security Research Lab discovered that Roundcube, a webmail client, contained a path traversal vulnerability. This flaw could be exploited by an attacker to access sensitive files on the server, or even execute arbitrary code.

Emmanuel Thome discovered that missing sanitising in the oarsh command of OAR, a software used to manage jobs and resources of HPC clusters, could result in privilege escalation.

Several vulnerabilities were discovered in imlib2, an image manipulation library. CVE-2011-5326 Kevin Ryde discovered that attempting to draw a 2x1 radi ellipse results in a floating point exception. CVE-2014-9771 It was discovered that an integer overflow could lead to invalid memory reads and unreasonably large memory allocations. CVE-2016-3993 Yuriy M. Kaminskiy discovered that drawing using co ...

swift-plugin-s3 is installed

It was discovered that Django, a high-level Python web development framework, is prone to a cross-site scripting vulnerability in the admin"s add/change related popup.

This updates fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed SIXEL, PDB, MAP, SGI, TIFF and CALS files are processed.

Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in denial of service or incorrect certificate validation.

Pages:      Start    7893    7894    7895    7896    7897    7898    7899    7900    7901    7902    7903    7904    7905    7906    ..   8629

© SecPod Technologies