[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253928

 
 

909

 
 

198006

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15202 Download | Alert*

It was found that FreeIPA 4.2.0 and later could disclose password hashes to users having the "System: Read Stage Users" permission. A remote, authenticated attacker could potentially use this flaw to disclose the password hashes belonging to Stage Users. This security issue does not result in disclosure of password hashes belonging to active standard users. NOTE: some developers feel that this rep ...

An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, ...

Multiple buffer overflows in the XvQueryAdaptors and XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.

An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction and deny rules for username by using Null Byte in the username. All 4.6.x versions , 4.4.x versions , and 4.0.x versions are affected.

Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted packet.

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.

A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows a remote attacker to cause a denial-of-service attack or unspecified other impact via a maliciously crafted file, because last_name is mishandled, a different vulnerability than CVE-2017-1000421.

Cross-site scripting vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment.

Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 . Fixed in Apache HTTP Server 2.2.32 .

SimpleXML is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.


Pages:      Start    577    578    579    580    581    582    583    584    585    586    587    588    589    590    ..   1520

© SecPod Technologies