[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6629 Download | Alert*

The wordpress package released in DSA-5279-1 had incorrect dependencies that could not be satisfied in Debian stable: this update corrects the problem. For reference, the original advisory text is provided here again: Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, create open redirects, bypass authorization access, ...

Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, create open redirects, bypass authorization access, or perform Cross-Site Request Forgery or Cross-Site Scripting attacks.

Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, used exec on input passed to the server component.

The security update announced as DSA 5257-1 caused regressions on certain systems using the amdgpu driver. Updated packages are now available to correct this issue.

It was discovered that the wordexp function of tinygltf, a library to load/save glTF files was susceptible to command execution when processing untrusted files.

Julian Gilbey discovered that schroot, a tool allowing users to execute commands in a chroot environment, had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. Note that existing chroots and sessions are checked during upgrade, and an upgrade is aborted if any future invalid name is detected. Problem ...

It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code or escalate privileges.

A directory traversal vulnerability was discovered in the Metadata anonymisation toolkit, which could result in information disclosure via a malformed ZIP archive.

It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting attacks. For the oldstable distribution , this problem has been fixed in version 3.2.4-1+deb10u8.

It was discovered that missing input sanitising in python-nbxmpp, a Jabber/XMPP Python library, could result in denial of service in clients based on it . The oldstable distribution is not affected.


Pages:      Start    422    423    424    425    426    427    428    429    430    431    432    433    434    435    ..   662

© SecPod Technologies