[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43419 Download | Alert*

An SQL injection in graphs_new.php via cg_g parameter was found affecting version 0.8.8f and older. Note that this is different from CVE-2015-8377.

A vulnerability have been discovered and corrected in libtheora: Integer overflow in libtheora in Xiph.Org Theora before 1.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a video with large dimensions . The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in nss_db: The Free Software Foundation Berkeley DB NSS module 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module . The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in postfix: Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user"s account name . This update provides a solution to this vulnerability.

A vulnerability has been found and corrected in mod_auth_mysql: SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input . This update provides fixes for this vulnerability.

A vulnerability has been found and corrected in memcached: Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows . This update provides a solution to this vulnerability. Additionally memcached-1.2.x has been upgraded to 1.2.8 for 2009.0/2009.1 and MES 5 that contains ...

A vulnerability has been found and corrected in mod_auth_mysql: SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input . This update provides fixes for this vulnerability. Update: Packages for 2008.0 are provided for Corporate Deskt ...

The process_stat function in Memcached prior 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon"s TCP port . The updated packages have been patched to prevent this.

A vulnerability has been found and corrected in postfix: Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user"s account name . This update provides a solution to this vulnerability. Update: Packages for 2008.0 are be ...

Multiple vulnerabilities has been discovered and corrected in python-django: The django.http.HttpResponseRedirect and django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting attacks via a data: URL . The django.forms.ImageField class in the ...


Pages:      Start    4258    4259    4260    4261    4262    4263    4264    4265    4266    4267    4268    4269    4270    4271    ..   4341

© SecPod Technologies