[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6547 Download | Alert*

It was discovered that Booth, a cluster ticket manager, didn"t correctly restrict intra-node communication when configuring the authfile configuration directive.

A vulnerability was discovered in open-vm-tools, an open source implementation of VMware Tools, allowing an unprivileged local guest user to escalate their privileges as root user in the virtual machine.

Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service.

Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the security-restricted operation sandbox. For additional information please refer to the upstream announcement at https://www.postgresql.org/support/security/CVE-2022-1552/

Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the security-restricted operation sandbox. For additional information please refer to the upstream announcement at https://www.postgresql.org/support/security/CVE-2022-1552/

Lahav Schlesinger discovered a vulnerability in the revocation plugin of strongSwan, an IKE/IPsec suite. The revocation plugin uses OCSP URIs and CRL distribution points which come from certificates provided by the remote endpoint. The plugin didn"t check for the certificate chain of trust before using those URIs, so an attacker could provided a crafted certificate containing URIs pointing to ser ...

Martin van Kervel Smedshammer discovered that varnish, a state of the art, high-performance web accelerator, is prone to a HTTP/2 request forgery vulnerability. See https://varnish-cache.org/security/VSV00011.html for details.

Robin Peraglie and Johannes Moritz discovered an argument injection bug in the xfce4-mime-helper component of xfce4-settings, which can be exploited using the xdg-open common tool. Since xdg-open is used by multiple standard applications for opening links, this bug could be exploited by an attacker to run arbitrary code on an user machine by providing a malicious PDF file with specifically crafted ...

Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, was suspectible to denial of service via recursive XML entity expansion.

Multiple security issues were discovered in MuJS, a lightweight JavaScript interpreter, which could result in denial of service and potentially the execution of arbitrary code.


Pages:      Start    352    353    354    355    356    357    358    359    360    361    362    363    364    365    ..   654

© SecPod Technologies