[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6629 Download | Alert*

Apache Santuario - XML Security for Java is vulnerable to an issue where the secureValidation property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.

Multiple vulnerabilities were discovered in Redis, a persistent key-value database, which could result in denial of service or the execution of arbitrary code.

Multiple vulnerabilities were discovered in Redis, a persistent key-value database, which could result in denial of service or the execution of arbitrary code.

Apache Tomcat, the servlet and JSP engine, did not properly release an HTTP upgrade connection for WebSocket connections once the WebSocket connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError.

Researchers at the United States of America National Security Agency identified two denial of services vulnerability in strongSwan, an IKE/IPsec suite. CVE-2021-41990 RSASSA-PSS signatures whose parameters define a very high salt length can trigger an integer overflow that can lead to a segmentation fault. Generating a signature that bypasses the padding check to trigger the crash requires access ...

Researchers at the United States of America National Security Agency identified two denial of services vulnerability in strongSwan, an IKE/IPsec suite. CVE-2021-41990 RSASSA-PSS signatures whose parameters define a very high salt length can trigger an integer overflow that can lead to a segmentation fault. Generating a signature that bypasses the padding check to trigger the crash requires access ...

It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize requests and mail messages. This would allow an attacker to perform Cross-Side Scripting or SQL injection attacks.

It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize requests and mail messages. This would allow an attacker to perform Cross-Side Scripting or SQL injection attacks.

Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.

A heap-based buffer overflow vulnerability was discovered in gdal, a Geospatial Data Abstraction Library, which could result in denial of service or potentially the execution of arbitrary code, if a specially crafted file is processed with the PCIDSK driver.


Pages:      Start    360    361    362    363    364    365    366    367    368    369    370    371    372    373    ..   662

© SecPod Technologies