CVE-2015-8082

The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly load the userlogout function, which allows remote attackers to bypass the logout protection mechanism by leveraging a contributed user authentication module, as demonstrated by the CAS and URL...

SA-CONTRIB-2010-052 - Multiple vulnerabilities in multiple contributed modules

Versions affected and proposed solutions Private Message versions for the 5.x versions of Drupal The Privatemsg also known as Private Message module enables messages to be sent internally on a site. The module is vulnerable to cross-site request forgeries CSRF via it's message delete form. This...

Heap overflow in Snort "stream4" preprocessor

Overview The Snort "stream4" preprocessor module contains a vulnerability that allows remote attackers to execute arbitrary code with the privileges of the user running Snort, typically root. Description Researchers at CORE Security Technologies have discovered a remotely exploitable heap overflo...

Roxen Web Server Counter Module Crafted Request Saturation DoS

Roxen Challenger WebServer is running with the counter module installed. Requesting large counter GIFs can lead to CPU exhaustion. If the server does not support threads, this will prevent the server from serving other clients. %NASLMINLEVEL 70300 Copyright 2000 by Hendrik Scholz Changes by...