7626 matches found
CVE-2008-7171
Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...
Rackspace SQL Injection
-------------------------------------------------------------------------------------------------------------------------- + www.rackspace.com SQL Injection vulnerability + Found By: Rohit Bansal SCHAP Security http://schap.org + Date: 01-08-2009...
Microsoft Internet Explorer CSS Behavior Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when accessing embedded style sheets...
NetBSD SHA2实现存在缓冲区溢出漏洞
Bugraq ID: 35853 NetBSD是一款基于BSD的操作系统。 NetBSD SHA2实现存在边界错误,本地攻击者可以利用漏洞触发缓冲区溢出,可能以应用程序权限执行任意指令。 程序使用sys/sha2.h中的SHA2实现,链接libcrypto库可被4或者8个字节的固定内容溢出。溢出发生于HASH INIT函数调用过程中如SHA256Init,init函数传递错误的上下文大小作为memset参数,可在之后的拷贝过程中覆盖缓冲区之后的4 字节内容。 NetBSD NetBSD 4.0.2 NetBSD NetBSD 4.0.1 NetBSD NetBSD 5.0 NetBSD...
Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must visit a malicious page or open a malicious video file. The specific flaw exists within the parsing of the length records of...
mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about the issues may be found here: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html Here are the details from the Slackware 12.2...
seamonkey
New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about the issues may be found on the Mozilla web site: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html Here are the details from the Slackware 12.2...
Slackware 12.2 / current : mozilla-firefox (SSA:2009-167-01)
New mozilla-firefox packages are available for Slackware 12.2, and -current to fix security issues. The updated packages may also be used with Slackware 11.0 or newer. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
mozilla-firefox
New mozilla-firefox packages are available for Slackware 12.2, and -current to fix security issues. The updated packages may also be used with Slackware 11.0 or newer. More details about the issues may be found on the Mozilla website:...
Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of attr functions in a CSS content...
Kjtechforce mailman b1 - Delete Row code SQL Injection
Kjtechforce mailman b1 - Delete Row code SQL Injection || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...
Apple Quicktime FIRE Codec Heap Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application...
Sun GlassFish Enterprise Server and Sun Java System Application Server vulnerable to cross-site scripting
Overview Sun GlassFish Enterprise Server and Sun Java System Application Server from Sun Microsystems contain a cross-site scripting vulnerability. Sun GlassFish Enterprise Server and Sun Java System Application Server are application servers from Sun Microsystems. Sun GlassFish Enterprise Server...
cups
New cups packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-0146 https://vulners.com/cve/CVE-2009-0147...
mozilla-firefox
New mozilla-firefox packages are available for Slackware 12.2 and -current to fix security issues. The updated packages may also be used with Slackware 11.0 or newer. More details about the issues may be found on the Mozilla website:...
udev
New udev packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. The udev packages in Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current contained a local root hole vulnerability: https://vulners.com/cve/CVE-2009-1185 The udev packages in Slackwar...
OpenBSD <= 4.5 (IP datagrams) Remote DOS Vulnerability
No description provided by source. / / / / / / / / / / / / / // / / / / / / / / / // / / / // // / / / / / // ///// // // // Helith - 0815 -------------------------------------------------------------------------------- Author : Rembrandt Date : 2009-04-09 Affected Software: OpenBSD Kernel Affect...
mozilla-firefox
New mozilla-firefox packages are available for Slackware 12.2, and -current to fix security issues. The new packages may also be used with earlier versions of Slackware. More details about the issues may be found on the Mozilla website:...
Slackware 12.2 / current : mozilla-firefox (SSA:2009-069-02)
New mozilla-firefox packages are available for Slackware 12.2, and -current to fix security issues. The new packages may also be used with earlier versions of Slackware. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
git
New git packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-3546 There are other security issues related to gitweb, which...