[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15166 Download | Alert*

Cross-site request forgery vulnerability in WordPress before 4.7.1allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload.

Multiple cross-site scripting vulnerabilities inwp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the name or version header of a plugin.

wp-admin/includes/class-wp-press-this.php in Press This in WordPress before4.7.2 does not properly restrict visibility of a taxonomy-assignment userinterface, which allows remote attackers to bypass intended access restrictions by read ing terms.

libplist++-dev allows attackers to cause a denial of service via vectors involving an offset size of zero.

A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files in the context of the web server user. The attack vector is a .. in the path parameter within a zm/index.php?view=file&path= request.

Cross-site request forgery vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related towp-admin/includes/class-wp-screen.php and wp-admin/widgets.php.

sarnold> probably our packages are not-affected but marking as needed to communicate that this patch is needed too

In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service via a crafted file.

In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service via a crafted file.

Multiple heap-based buffer overflows in parser.c in libming-dev 0.4.7 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SWF file. NOTE:this issue exists because of an incomplete fix for CVE-2016-9831.


Pages:      Start    589    590    591    592    593    594    595    596    597    598    599    600    601    602    ..   1516

© SecPod Technologies