[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 44337 Download | Alert*

simplestreams: Library and tools for using Simple Streams data Applications using Simple Streams could be made to crash or run programs if it received specially crafted network traffic.

isc-dhcp: DHCP server and client DHCP server, client, or relay could be made to crash if they received specially crafted network traffic.

It was discovered that mpv, a media player, was vulnerable to remote code execution attacks. An attacker could craft a malicious web page that, when used as an argument in mpv, could execute arbitrary code in the host of the mpv user.

A regression was detected in the previously issued fix for CVE-2018-6360. The patch released with DSA 4105-1 broke the feature of invoking mpv with raw YouTube ids. This update fixes this functionality issue. For reference, the relevant part of the original advisory text follows. It was discovered that mpv, a media player, was vulnerable to remote code execution attacks. An attacker could craft a ...

Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code: CVE-2017-0920 It was discovered that missing validation of merge requests allowed users to see names to private projects, resulting in information disclosure. CVE-2018-8971 It was discovered that the Auth0 integration was implemented incorrectly.

Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service.

The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow non- whitelisted attributes to be used on a whitelisted HTML element.

gnome-desktop3: Introspection data for GnomeDesktop gnome-desktop could be made to escape the thumbnailer sandbox.

golang-github-seccomp-libseccomp-golang: a Go-based interface to the libseccomp library A system hardening measure could be bypassed.

Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service, HTTP request smuggling or cache poisoning.


Pages:      Start    4241    4242    4243    4244    4245    4246    4247    4248    4249    4250    4251    4252    4253    4254    ..   4433

© SecPod Technologies