[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 194688 Download | Alert*

This update for apache2-mod_security2 fixes the following issues: - CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect parsing of HTTP multipart requests .

libhtml-stripscripts-perl: module for removing scripts from HTML HTML::StripScripts could be made to crash if it received specially crafted input.

Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes.

This module strips scripting constructs out of HTML, leaving as much non- scripting markup in place as possible. This allows web applications to display HTML originating from an untrusted source without introducing XSS vulnerabilities.

This module strips scripting constructs out of HTML, leaving as much non- scripting markup in place as possible. This allows web applications to display HTML originating from an untrusted source without introducing XSS vulnerabilities.

Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes.

It was discovered that an integer overflow in the RFC3164 parser of syslog-ng, a system logging daemon, may result in denial of service via malformed syslog messages.

syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases and more. Key features: * receive and send RFC3164 and RFC5424 style syslog messages * work with any kind of unstructured data * receive and send JSON formatted messages * classify and structure logs with builtin parsers * normalize, crunch and process lo ...

syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases and more. Key features: * receive and send RFC3164 and RFC5424 style syslog messages * work with any kind of unstructured data * receive and send JSON formatted messages * classify and structure logs with builtin parsers * normalize, crunch and process lo ...

The host is installed with Dell EMC OpenManage Server Administrator through 10.3.0.0 and is prone to a DLL injection vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow an attacker to exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges.


Pages:      Start    9534    9535    9536    9537    9538    9539    9540    9541    9542    9543    9544    9545    9546    9547    ..   19468

© SecPod Technologies