Cross site request forgery (csrf)

The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie authentication, which allows remote attackers to obtain access, and disable anti-virus functionality, via an HTTP request...

Ubuntu: Security Advisory (USN-1542-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross site scripting

Cross-site scripting XSS vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web script or HTML via the File Description field...

databases/postgresql*-server -- multiple vulnerabilities

The PostgreSQL Global Development Group reports: The PostgreSQL Global Development Group today released security updates for all active branches of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. This update patches security holes associated with libxml2 and...

Debian DSA-2529-1 : python-django - several vulnerabilities

Jeroen Dekkers and others reported several vulnerabilities in Django, a Python Web framework. The Common Vulnerabilities and Exposures project defines the following issues : - CVE-2012-3442 Two functions do not validate the scheme of a redirect target, which might allow remote attackers to conduc...

Dorifel Malware Encrypts Files, Steals Financial Data, May Be Related to Zeus or Citadel

While much of the world was focused yesterday on the Gauss malware saga, there was another interesting infection happening, mainly in the Netherlands, that researchers think may be related to the Zeus and Citadel attacks, though the motivation behind the attack is somewhat of a mystery. The new...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. VID ce84e136-e2f6-11e1-a8ca-00262d5ed8ee OpenVAS Vulnerability Test $ Description: Auto generated from VID ce84e136-e2f6-11e1-a8ca-00262d5ed8ee Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

CVE-2012-2862

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...

CVE-2012-2863

The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations...

CVE-2012-2863

The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations...

CVE-2012-2862

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...

Design/Logic Flaw

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...

CVE-2012-2862

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...

CVE-2012-2862

Removed by vendor...

CVE-2011-4447

Removed by vendor...

CVE-2012-2856

The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations...

CVE-2012-2852

The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly handle object linkage, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via a...

CVE-2012-2850

Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to have an unknown impact via a crafted document...

Integer overflow

Multiple integer overflows in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...

Design/Logic Flaw

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...