2345 matches found
CVE-2015-4389
The CVE concerns the Drupal contributed module Open Graph Importer (og_tag_importer) in the 7.x-1.x line. The root cause is improper enforcement of the create permission on destination content types during import, enabling remote authenticated users with the import_og_tag_importer permission to b...
CVE-2015-4389
The Open Graph Importer ogtagimporter 7.x-1.x for Drupal does not properly check the create permission for content types created during import, which allows remote authenticated users to bypass intended restrictions by leveraging the "import ogtagimporter" permission...
cacti -- Multiple XSS and SQL injection vulnerabilities
The Cacti Group, Inc. reports: Important Security Fixes Multiple XSS and SQL injection vulnerabilities Changelog bug: Fixed SQL injection VN: JVN78187936 / TN:JPCERT98968540 bug0002542: FG-VD-15-017 Cacti Cross-Site Scripting Vulnerability Notification bug0002571: SQL Injection and Location heade...
Cacti graph.php SQL Injection Vulnerability
Cacti is a set of open source network traffic monitoring and analysis tools. The Cacti graph.php script fails to properly filter the localgraphid parameter, allowing remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...
DEBIAN-CVE-2015-0916
SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the localgraphid parameter, a different vulnerability than CVE-2007-6035...
Cacti vulnerable to SQL injection
Overview Cacti is a web application that graphs stored data collected from network devices. Cacti contains a SQL injection vulnerability due to a flaw in processing user input values for 'localgraphid' in graph.php. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IP...
The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information
The vulnerability of the boost-graph-1.41.0 package for the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information
The vulnerability of the boost-graph-mpich2 package in the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the CentOS operating system, which allows a malicious attacker to compromise the accessibility of protected information
The vulnerability of the boost-graph-1.41.0 package for the CentOS operating system can lead to a violation of the accessibility of protected information. Exploiting this vulnerability can be carried out remotely...
The vulnerability of the CentOS operating system, which allows a malicious attacker to compromise the accessibility of protected information
The vulnerability of the boost-graph-mpich2 package in the CentOS operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the CentOS operating system, which allows a malicious attacker to compromise the accessibility of protected information
The vulnerability of the boost-graph-openmpi-1.41.0 package for the CentOS operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information
The vulnerability of the boost-graph-openmpi-1.41.0 package for the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
Open Graph Importer - Moderately Critical - Access bypass - Unsupported - SA-CONTRIB-2015-092
This module enables you to import content from a web page by scraping its Open Graph data. The module doesn't sufficiently check for "create" permission to the content type that is configured as the destination for imported content, thus allowing a user with the "import ogtagimporter" permission ...
openSUSE Security Update : cacti (openSUSE-2015-221)
cacti was updated to version 0.8.8c boo920399 This update fixes four vulnerabilities and adds some compatible features. - Security fixes not previously patched : - CVE-2014-2326 - XSS issue via CDEF editing - CVE-2014-2327 - Cross-site request forgery CSRF vulnerability - CVE-2014-2328 - Remote...
Facebook album deletion vulnerability worth 12500 dollars - vulnerability warning - the black bar safety net
Overview: if your photo is deleted without your knowledge, what will you do? Obviously, this problem is very annoying, huh? This post is to say I found a vulnerability which allows a malicious user to delete any album on Facebook. Yes, any user, page, group, photo album can be deleted. The Graph API is the...
Facebook Vulnerability Allows Hacker to Delete Any Photo Album
A Serious vulnerability in Facebook has recently been reported that could allow anyone to delete your complete Facebook photo album without having authentication. Security Researcher Laxman Muthiyah told The Hacker News that the vulnerability actually resides in Facebook Graph API mechanism, whic...
JADX - Java source code from Android Dex and Apk files
Command line and GUI tools for producing Java source code from Android Dex and Apk files. Usage jadx-gui options .dex, .apk, .jar or .class options: -d, --output-dir - output directory -j, --threads-count - processing threads count -f, --fallback - make simple dump using goto instead of 'if', 'for'...
DEBIAN-CVE-2013-2131
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service crash via format string specifiers to the rrdtool.graph function...
Critical: docker
Issue Overview: Path traversal attacks are possible in the processing of absolute symlinks. In checking symlinks for traversals, only relative links were considered. This allowed path traversals to exist where they should have otherwise been prevented. This was exploitable via both archive...
[SECURITY] Fedora 19 Update: graphviz-2.30.1-13.fc19
A collection of tools for the manipulation and layout of graphs as in nodes and edges, not as in barcharts...