130 matches found
UBUNTU-CVE-2017-3735
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g...
Cisco DPC3939 and DPC3941T Comcast Firmware Information Disclosure Vulnerability
The Cisco DPC3939 and DPC3941T are both wireless voice gateway products from Cisco USA. The Comcast firmware is firmware developed by Comcast USA that runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the Cisco DPC3939 using the...
concrete5 Host Header Injection Vulnerability
concrete5 is a free content management system (CMS) developed by Portland Labs in the United States. A Host header injection vulnerability exists in concrete5, which allows an attacker to inject a malicious IP or domain name by modifying the Host header...
wget Target IP Address Information Acquisition Vulnerability
wget is a free tool to automatically download files from the network, supporting downloads via the three most common TCP/IP protocols: HTTP, HTTPS, and FTP. A security vulnerability exists in wget, where a remote FTP server can reject a user's FTP PASV command, causing the target user's wget...
UBUNTU-CVE-2015-6727
The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text...
OpenJDK: name for reverse DNS lookup used in certificate identity check (JSSE, 8067694)
A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP addres...
UBUNTU-CVE-2015-5144
Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an (1) email message to the EmailValidator, a ...
Apple MAC OS X Yosemite Information Disclosure Vulnerability (CNVD-2015-00761)
Apple MAC OS X Yosemite is the latest operating system developed by Apple. Apple MAC OS X Yosemite Spotlight fails to check the status of Mail's "Load remote content in messages" setting, which can result in the sender of an email being able to determine the recipient's IP address information...
DEBIAN-CVE-2012-4435
fwknop before 2.0.3 does not properly validate IP addresses, which allows remote authenticated users to cause a denial of service (server crash) via a long IP address...
DEBIAN-CVE-2006-6893
Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, ...