
The host is installed with SpringSource Spring Framework 5.0.x before 5.0.16, 5.1.x before 5.1.13, or 5.2.x before 5.2.3 and is prone to a reflected file download vulnerability. A flaw is present in the application, which fails to properly handle setting a "Content-Disposition" header in the response. Successful exploitation allows attackers to cause the download of code without an integrity check.

Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php.

Cacti 1.2.8 allows Remote Code Execution via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product.

Marvin S. Addison discovered that Jasig phpCAS, a PHP library for the CAS authentication protocol, did not encode tickets before adding them to a URL, creating a possibility for cross-site scripting.

Jasig CAS Client for Java is the integration point for applications that want to speak with a CAS server, either via the CAS 1.0 or CAS 2.0 protocol.

opensmtpd: secure, reliable, lean, and easy-to-configure SMTP server. OpenSMTPD could be made to run programs as root if it received specially crafted input over the network.

Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of email addresses, which could result in the execution of arbitrary commands as root. In addition, this update fixes a denial of service by triggering an opportunistic TLS downgrade.

This update for u-boot fixes the following issues:
- Fix network boot on Raspberry Pi 3 B+
- Fix GOP pixel format
- Fix SD writes on Raspberry Pi
- Enable a few more armv7 boards to boot with EFI
- Fix potentially miscompiled runtime service calls
Fix CVE-2019-14192, CVE-2019-14193, CVE-2019-14199, CVE-2019-14197, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203, CVE-2019-1 ...

This update for u-boot fixes the following issues: Fix CVE-2019-13106, CVE-2019-13104, CVE-2019-14192, CVE-2019-14193, CVE-2019-14199, CVE-2019-14197, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203, CVE-2019-14204, CVE-2019-14194, CVE-2019-14198, CVE-2019-14195, CVE-2019-14196, CVE-2019-13103, CVE-2020-8432, CVE-2019-11059, CVE-2019-11690 and CVE-2020-10648



© SecPod Technologies