CVE-2016-7873

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution...

[SECURITY] Fedora 24 Update: php-simplesamlphp-saml2_1-1.10.3-1.fc24

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML21/autoload.php 1 https://www.simplesamlphp.org/ 2...

[SECURITY] Fedora 24 Update: php-simplesamlphp-saml2-2.3.3-1.fc24

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML2/autoload.php 1 https://www.simplesamlphp.org/ 2...

PT-2016-2960 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 23.0.0.207 and earlier Adobe Flash Player versions 11.2.202.644 and earlier Description: The issue is caused by a buffer boundary violation in the RegExp class of the Flash Player platform. Exploitation of this iss...

ALPINE-CVE-2016-9864

An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and ...

CVE-2016-9853

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

CVE-2016-9852

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

ALPINE-CVE-2016-6617

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4 are affected...

CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

ALPINE-CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6608

XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions prior to 4.6.4 are affected...

CVE-2016-9855

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

CVE-2016-9853

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

CVE-2016-9854

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

Sql injection

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

Path traversal

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

Sql injection

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4 are affected...

CVE-2016-6611

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6617

An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4 are affected...

CVE-2016-9854

Summary (CVE-2016-9854) : A path disclosure issue in phpMyAdmin arises when triggering certain scripts; an error message can reveal the full path to the phpMyAdmin installation, and during export time these paths are written into the export file. Affected versions are all 4.6.x before 4.6.5 and 4...