[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

125989

 
 

909

 
 

104881

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 10087 Download | Alert*

Directly POSTing to Special:ChangeEmail would allow for bypassing reauthentication, allowing for potential account takeover.

A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them.

stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token

Potential information exfiltration with default typing, serialization gadget from MyBatis

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file"s user and group ownership during move operations from admin:// to file:// URIs, because root privileges are unavailable.

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn"t implement query_info_on_read/write.

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen call.

hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver.

An incorrect permissions check was discovered in libvirt-dev 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   1008

© SecPod Technologies