148 matches found
Fedora 23 : webkitgtk-2.4.10-1.fc23 (2016-5d6d75dbea)
This update addresses the following vulnerabilities : - CVE-2015-1120 https://vulners.com/cve/CVE-2015-1120 - CVE-2015-1076 https://vulners.com/cve/CVE-2015-1076 - CVE-2015-1071 https://vulners.com/cve/CVE-2015-1071 - CVE-2015-1081 https://vulners.com/cve/CVE-2015-1081 - CVE-2015-1122...
Fedora Update for webkitgtk3 FEDORA-2016-1
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 23 : webkitgtk3-2.4.10-1.fc23 (2016-1a7f7ffb58)
This update addresses the following vulnerabilities : - CVE-2015-1120 https://vulners.com/cve/CVE-2015-1120 - CVE-2015-1076 https://vulners.com/cve/CVE-2015-1076 - CVE-2015-1071 https://vulners.com/cve/CVE-2015-1071 - CVE-2015-1081 https://vulners.com/cve/CVE-2015-1081 - CVE-2015-1122...
Fedora 22 : webkitgtk4-2.10.4-1.fc22 (2016-d132dbb529)
Update to 2.10.4. Major new features: New HTTP disk cache for the Network Process. IndexedDB support. New Web Inspector UI. Automatic ScreenServer inhibition when playing fullscreen videos. Initial Editor API. - Performance improvements. This update addresses the following vulnerabilities:...
Oracle: Security Advisory (ELSA-2007-1155)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
F5 Networks BIG-IP : logrotate vulnerability (SOL16871)
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service rotation outage via a 1 \n newline or 2 \ backslash character in a log filename, as demonstrated by a filename that is automatically constructed on the basis ...
SOL16871 - logrotate vulnerability CVE-2011-1155
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
CVE-2015-1155
CVE-2015-1155 - WebKit history implementation flaw allows remote attackers to bypass Same Origin Policy and read arbitrary files via a crafted site. Affected: WebKit used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6. Remediation: apply the vendor patches that fix the histo...
CVE-2015-1155
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site...
Apple Fixes WebKit Vulnerabilities in Safari Browser
Apple has updated its Safari browser, fixing a handful of exploitable WebKit flaws in various versions of Safari. WebKit is the core layout engine responsible for rendering webpages in the Safari browser. The first bulletin, vulnerabilities uncovered by Apple, resolves multiple memory corruption...
CVE-2014-1155
CVE-2014-1155 is the cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) r561, exploitable by remote attackers injecting arbitrary HTML/Script via the Description field of a file upload. Note: CVE-2014-1155 was historically mis-mapped to CVE-2014-9580; both entries reference t...
Cross site scripting
Cross-site scripting XSS vulnerability in ProjectSend formerly cFTP r561 allows remote attackers to inject arbitrary web script or HTML via the Description field in a file upload. NOTE: this issue was originally incorrectly mapped to CVE-2014-1155; see CVE-2014-1155 for more information...
ProjectSend r561 Ultimate Cross Site Scripting / Path Disclosure
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: ProjectSend - Cross Site Scripting & Full Path Disclosure Vulnerability's Date: 19/12/2014 Url Vendor: http://www.projectsend.org/ Vendor Name:...
ProjectSend r561 - Multiple Vulnerabilities
ProjectSend r561 - Multiple Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: ProjectSend r561 - Cross Site Scripting & Full Path Disclosure Vulnerability's Date: 19/12/2014 Url...
ProjectSend r561 - Multiple Vulnerabilities
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: ProjectSend r561 - Cross Site Scripting & Full Path Disclosure Vulnerability's Date: 19/12/2014 Url Vendor: http://www.projectsend.org/ Vendor Name...
openSUSE Security Update : logrotate (openSUSE-SU-2011:0536-1)
This update for logrotate provides the following fixes : dbg114-logrotate-4580 logrotate-4580 newupdateinfo The shredfile function in logrotate might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is...
Moderate: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update
An updated rhev-hypervisor6 package that fixes three security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Oracle Linux 6 : logrotate (ELSA-2011-0407)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2011-0407 advisory. 3.7.8-12.1 - fix 688518 - fixed CVE-2011-1154, CVE-2011-1155 and CVE-2011-1098 Tenable has extracted the preceding description block directly from the...
CVE-2013-1155
The CVE-2013-1155 vulnerability affects Cisco Firewall Services Module (FWSM) software for Cisco Catalyst 6500 and Cisco 7600 series. The auth-proxy functionality in FWSM versions 3.1 and 3.2 prior to 3.2(20.1), 4.0 prior to 4.0(15.2), and 4.1 prior to 4.1(5.1) allows remote attackers to cause a ...
Slackware Advisory SSA:2010-116-01 irssi
The remote host is missing an update as announced via advisory SSA:2010-116-01. OpenVAS Vulnerability Test $Id: esoftslkssa201011601.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...