[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6547 Download | Alert*

Thorsten Glaser and Axel Beckert reported that lynx, a non-graphical web browser, does not properly handle the userinfo subcomponent of a URI, which can lead to leaking of credential in cleartext in SNI data.

Thorsten Glaser and Axel Beckert reported that lynx, a non-graphical web browser, does not properly handle the userinfo subcomponent of a URI, which can lead to leaking of credential in cleartext in SNI data.

Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker to cause a denial of service condition or bypass filtering technology on an affected device and ex-filtrate data from a compromised host.

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2021-3711 John Ouyang reported a buffer overflow vulnerability in the SM2 decryption. An attacker able to present SM2 content for decryption to an application can take advantage of this flaw to change application behaviour or cause the application to crash . CVE-2021-3712 Ingo Schwarze reported a buffer o ...

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2021-3711 John Ouyang reported a buffer overflow vulnerability in the SM2 decryption. An attacker able to present SM2 content for decryption to an application can take advantage of this flaw to change application behaviour or cause the application to crash . CVE-2021-3712 Ingo Schwarze reported a buffer o ...

Multiple vulnerabilities have been discovered in the libxen-dev hypervisor, which could result in privilege escalation, denial of service or information leaks. With the end of upstream support for the 4.11 branch, the version of libxen-dev in the oldstable distribution is no longer supported. If you rely on security support for your libxen-dev installation an update to the stable distribution is ...

Ori Hollander reported that missing header name length checks in the htx_add_header and htx_add_trailer functions in HAProxy, a fast and reliable load balancing reverse proxy, could result in request smuggling attacks or response splitting attacks. Additionally this update addresses #993303 introduced in DSA 4960-1 causing HAProxy to fail serving URLs with HTTP/2 containing "//".

Ori Hollander reported that missing header name length checks in the htx_add_header and htx_add_trailer functions in HAProxy, a fast and reliable load balancing reverse proxy, could result in request smuggling attacks or response splitting attacks. Additionally this update addresses #993303 introduced in DSA 4960-1 causing HAProxy to fail serving URLs with HTTP/2 containing "//".

Apache Santuario - XML Security for Java is vulnerable to an issue where the secureValidation property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.

Apache Santuario - XML Security for Java is vulnerable to an issue where the secureValidation property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.


Pages:      Start    348    349    350    351    352    353    354    355    356    357    358    359    360    361    ..   654

© SecPod Technologies