463 matches found
CVE-2014-3627
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during...
Backend Localization 1.6.1 - wp-login.php kau-boys_backend_localization_language Parameter XSS
The Backend Localization WordPress plugin was affected by a wp-login.php kau-boys_backend_localization_language Parameter XSS security vulnerability...
Oracle Solaris Critical Patch Update : jan2014_SRU11_1_15_4_0
This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Localization L10N. The supported version that is affected is 11.1. Difficult to exploit vulnerability requiring...
Foswiki MAKETEXT Remote Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
openSUSE Security Update : roundcubemail (openSUSE-SU-2014:0365-1)
roundcubemail was updated to 0.9.5 to fix bugs and security issues. Fixed security issues : - CVE-2013-6172: vulnerability in handling session argument of utils/save-prefs New upstream release 0.9.5 bnc847179 CVE-2013-6172 - Fix failing vCard import when email address field contains spaces - Fix...
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0893-1)
Changes in icedtea-web with update to 1.4 bnc818768 : - Added cs, de, pl localization - Splash screen for javaws and plugin - Better error reporting for plugin via Error-splash-screen - All IcedTea-Web dialogues are centered to middle of active screen - Download indicator made compact for more th...
Localize: XSS in main page (invitation)
If a project name is saved with an XSS string such as: “!-- and a translator visits and requests an invite, it'll result in the XSS executing in the main page, due to the fact that it shows your requests. Screen: http://prntscr.com/3awwuv...
Fedora Update for perltidy FEDORA-2014-3874
Check for the Version of perltidy OpenVAS Vulnerability Test Fedora Update for perltidy FEDORA-2014-3874 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for perltidy FEDORA-2014-3891
Check for the Version of perltidy OpenVAS Vulnerability Test Fedora Update for perltidy FEDORA-2014-3891 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Perl, Locale Maketext Perl module: Multiple vulnerabilities
Background Perl is Larry Wall’s Practical Extraction and Report Language. Locale::Maketext is a Perl module - framework for localization. Description Multiple vulnerabilities have been discovered in Perl and Locale::Maketext Perl module. Please review the CVE identifiers referenced below for...
Fedora Update for rubygem-i18n FEDORA-2013-23062
Check for the Version of rubygem-i18n OpenVAS Vulnerability Test Fedora Update for rubygem-i18n FEDORA-2013-23062 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for rubygem-i18n FEDORA-2013-23068
Check for the Version of rubygem-i18n OpenVAS Vulnerability Test Fedora Update for rubygem-i18n FEDORA-2013-23068 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
[SECURITY] Fedora 20 Update: rubygem-i18n-0.6.4-3.fc20
Ruby Internationalization and localization solution...
[SECURITY] Fedora 19 Update: rubygem-i18n-0.6.1-4.fc19
Ruby Internationalization and localization solution...
[SECURITY] Fedora 18 Update: rubygem-i18n-0.6.0-2.fc18
Ruby Internationalization and localization solution...
Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities
Exploit for linux platform in category web applications Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manag...
SuSE 11.3 Security Update : icedtea-web (SAT Patch Number 7981)
This update to IcedTea-Web 1.4 provides the following fixes and enhancements : - Security updates - RH916774: Class-loader incorrectly shared for applets with same relative-path. CVE-2013-1926 - RH884705: fixed gifar vulnerability. CVE-2013-1927 - RH840592: Potential read from an uninitialized...
Fedora 19 : bzr-2.5.1-11.fc19 (2013-9538)
Fixes CVE-2013-2099, maliciously crafted SSL certificate can cause a denial of service. - Builds the C extensions from the Cython source instead of the pregenerated C files. - Build without strict-aliasing on Fedora versions which have a bug in the python distutils module. - Install the...
Fedora 18 : bzr-2.5.1-11.fc18 (2013-9620)
Fixes CVE-2013-2099, maliciously crafted SSL certificate can cause a denial of service. - Builds the C extensions from the Cython source instead of the pregenerated C files. - Build without strict-aliasing on Fedora versions which have a bug in the python distutils module. - Install the...
TWiki < 5.1.4 MAKETEXT Variable Tilde Character Command Injection
According to its version number, the instance of TWiki running on the remote host is affected by a command injection vulnerability. The '%MAKETEXT%' variable fails to properly sanitize user-supplied input. A remote attacker can exploit this issue to execute arbitrary shell commands on the remote...