SUSE-SU-2024:3333-1 Security update for wireshark

This update for wireshark fixes the following issues: - Upgraded Wireshark to version 3.6.24. - CVE-2024-8250: Fixed NTLMSSP dissector crash bsc1229907...

CVE-2023-36505

Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24...

CVE-2023-36505 WordPress Ninja Forms Plugin <= 3.6.24 is vulnerable to Arbitrary File Deletion

Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24...

WordPress Plugin Ninja Forms Contact Form 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...

PT-2024-12560 · Unknown · Ninja Forms Contact Form

Name of the Vulnerable Software and Affected Versions: Ninja Forms Contact Form versions 3.6.24 and earlier Description: The issue is related to an Improper Input Validation vulnerability in the Ninja Forms Contact Form. This vulnerability affects the specified versions of the Ninja Forms Contact...

WordPress Ninja Forms Plugin <= 3.6.24 is vulnerable to Arbitrary File Deletion

Software Ninja Forms Type Plugin Vulnerable versions = 3.6.24 Fixed in 3.6.25 OWASP Top 10 A6: Security Misconfiguration Classification Arbitrary File Deletion CVE CVE-2023-36505 Patch priority Low CVSS severity Low 6.8 Developer Claim ownership PSID 711180726eeb Credits Theodoros Malachias...

SUSE CVE-2014-0244

The sysrecvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a malformed UDP packet...

samba security update

3.6.23-45.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.24-45 - resolves: 1491210 - CVE-2017-2619 CVE-2017-12150 CVE-2017-12163...

Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird2)

The remote Solaris system is missing necessary patches to address security updates : - Cross-site scripting XSS vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via...

SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 7844)

MozillaFirefox has been updated to version 3.6.24 to fix the following %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid57153;...

MozillaFirefox (critical)

MozillaFirefox has been updated to version 3.6.24 to fix the following security issues: MFSA 2011-46/CVE-2011-3647 bmo680880 loadSubScript unwraps XPCNativeWrapper scope parameter MFSA 2011-47/CVE-2011-3648 bmo690225 Potential XSS against sites using Shift-JIS MFSA 2011-49/CVE-2011-3650 bmo674776...

Mozilla Products XSS and Memory Corruption Vulnerabilities (Windows)

The host is installed with Mozilla firefox/thunderbird and is prone to cross site scripting and memory corruption vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsxssnmemcrptnvulnwin.nasl 7006 2017-08-25 11:51:20Z teissa $ Mozilla Products XSS and Memory Corruption Vulnerabilities...

CentOS Update for firefox CESA-2011:1437 centos5 i386

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2011:1437 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Mozilla Releases Firefox 8 and 3.6.24

The Mozilla Foundation has released Firefox 8 and Firefox 3.6.24 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, operate with escalated privileges, cause a denial-of-services condition, obtain sensitive information, or perform a cross-si...

CVE-2000-0917

Format string vulnerability in usesyslog function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands...

CVE-2000-0917

CVE-2000-0917 describes a format-string vulnerability in LPRng’s use_syslog() in version 3.6.24 (and earlier), enabling remote attackers to execute arbitrary commands. Multiple sources corroborate: Red Hat RHSA-2000-065 notes vulnerability in 3.6.24 and earlier; CERT advisories document the forma...