[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256610

 
 

909

 
 

199263

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 44374 Download | Alert*

Multiple vulnerabilities has been found and corrected in mono: IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class in Mono 1.2.5.1 and previous versions, which allows arbitrary code execution by context-dependent attackers . Multiple cross-site scripting vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or ...

If the django.middleware.common.CommonMiddleware and the APPEND_SLASH setting are both enabled, and if the project has a URL pattern that accepts any path ending in a slash , then a request to a maliciously crafted URL of that site could lead to a redirect to another site, enabling phishing and other attacks. Fixed In Version:¶ Django 1.11.15 and Django 2.0.8

If the django.middleware.common.CommonMiddleware and the APPEND_SLASH setting are both enabled, and if the project has a URL pattern that accepts any path ending in a slash , then a request to a maliciously crafted URL of that site could lead to a redirect to another site, enabling phishing and other attacks. Fixed In Version:¶ Django 1.11.15 and Django 2.0.8

If the django.middleware.common.CommonMiddleware and the APPEND_SLASH setting are both enabled, and if the project has a URL pattern that accepts any path ending in a slash , then a request to a maliciously crafted URL of that site could lead to a redirect to another site, enabling phishing and other attacks. Fixed In Version:¶ Django 1.11.15 and Django 2.0.8

FILE buffer read out of bounds TFTP sends more than buffer size URL globbing out of bounds read

CVE-2017-1000099: FILE buffer read out of bounds¶ When asking to get a file from a file:// URL, libcurl provides a feature thatoutputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user , which could lead to other private data from the heap to get inadvertently displayed. Affected versions: libcurl 7.54.1 Not affected versions: libcur ...

CVE-2017-1000100: TFTP sends more than buffer size. When doing an TFTP upload and curl/libcurl is given a URL that contains a very long file name , the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the`send` call, making curl attempt to send more data than what is actually ...

CVE-2017-1000100: TFTP sends more than buffer size When doing an TFTP upload and curl/libcurl is given a URL that contains a very long file name , the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the`send` call, making curl attempt to send more data than what is actually ...

CVE-2017-1000100: TFTP sends more than buffer size; When doing an TFTP upload and curl/libcurl is given a URL that contains a very long file name , the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the`send` call, making curl attempt to send more data than what is actually ...

openslp-dfsg: Service Location Protocol library OpenSLP could be made to crash or run programs as your login if it received specially crafted network traffic.


Pages:      Start    4175    4176    4177    4178    4179    4180    4181    4182    4183    4184    4185    4186    4187    4188    ..   4437

© SecPod Technologies