[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6629 Download | Alert*

It was discovered that liblasso3-dev, a library which implements SAML 2.0 and Liberty Alliance standards, did not properly verify that all assertions in a SAML response were properly signed, allowing an attacker to impersonate users or bypass access control.

Multiple security issues were found in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service and a bypass of restrictions in the Replace Text extension.

Multiple security issues were found in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service and a bypass of restrictions in the Replace Text extension.

Miroslav Lichvar reported that the ptp4l program in linuxptp, an implementation of the Precision Time Protocol , does not validate the messageLength field of incoming messages, allowing a remote attacker to cause a denial of service, information leak, or potentially remote code execution.

Miroslav Lichvar reported that the ptp4l program in linuxptp, an implementation of the Precision Time Protocol , does not validate the messageLength field of incoming messages, allowing a remote attacker to cause a denial of service, information leak, or potentially remote code execution.

Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling, bypass of logout restrictions or authentications using variations of a valid user name.

Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling, bypass of logout restrictions or authentications using variations of a valid user name.

The Qualys Research Labs discovered that an attacker-controlled allocation using the alloca function could result in memory corruption, allowing to crash systemd and hence the entire operating system. Details can be found in the Qualys advisory at https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt

Andrea Fioraldi discovered a buffer overflow in libsndfile, a library for reading/writing audio files, which could result in denial of service or potentially the execution of arbitrary code when processing a malformed audio file.

The Qualys Research Labs discovered that an attacker-controlled allocation using the alloca function could result in memory corruption, allowing to crash systemd and hence the entire operating system. Details can be found in the Qualys advisory at https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt


Pages:      Start    358    359    360    361    362    363    364    365    366    367    368    369    370    371    ..   662

© SecPod Technologies