Multiple buffer overflows in the XvQueryAdaptors and XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.

An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction and deny rules for username by using Null Byte in the username. All 4.6.x versions, 4.4.x versions, and 4.0.x versions are affected.

Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted packet.

rkhunter versions before 1.4.4 are vulnerable to file download over an insecure channel when doing a mirror update, resulting in potential remote code execution.

A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows a remote attacker to cause a denial-of-service attack or unspecified other impact via a maliciously crafted file, because last_name is mishandled, a different vulnerability than CVE-2017-1000421.

Cross-site scripting vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment.

Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25. Fixed in Apache HTTP Server 2.2.32.

SimpleXML is vulnerable to an XXE vulnerability resulting in SSRF, information disclosure, DoS and so on.

Multiple cross-site scripting vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via normalization.php or js/normalization.js in the database normalization page, templates/database/structure/sortable_header.phtml in the database structure page, or the pos parameter to db_central_columns.php in th ...

In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.



© SecPod Technologies