6240 matches found
UBUNTU-CVE-2016-0747
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service worker process resource consumption via vectors related to arbitrary name resolution...
UBUNTU-CVE-2016-0746
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service worker process crash or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing...
Mail.ru: reflected in xss
hello i found vulnerability cross site scripting https://touch.mail.ru This vulnerability affects /cgi-bin/passremind. Attack details Cookie input VID was set to 14svrC28zu5Q1MWh0r"prompt979663" The input is reflected inside tag between single quotes. Request GET /cgi-bin/passremind HTTP/1.1...
FreeBSD : passenger -- client controlled header overwriting (84fdd1bb-9d37-11e5-8f5c-002590263bf5)
"Daniel Knoppel reports : It was discovered by the SUSE security team that it was possible, in some cases, for clients to overwrite headers set by the server, resulting in a medium level security issue. CVE-2015-7519 has been assigned to this issue. Affected use-cases : Header overwriting may occ...
passenger -- client controlled header overwriting
Daniel Knoppel reports: It was discovered by the SUSE security team that it was possible, in some cases, for clients to overwrite headers set by the server, resulting in a medium level security issue. CVE-2015-7519 has been assigned to this issue. Affected use-cases: Header overwriting may occur ...
How to Install Let's Encrypt Free SSL Certificate On Your Website
Another Big Milestone – Let's Encrypt is now offering Free HTTPS certificates to everyone. Let's Encrypt has opened to the public, allowing anyone to obtain Free SSL/TLS Secure Socket Layer/Transport Layer Security certificates for their web servers and to set up HTTPS websites in a few simple...
nginx 1.9.x < 1.9.6 HTTPv2 PRI Double-Free DoS
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is 1.9.x prior to 1.9.6. It is, therefore, affected by a denial of service vulnerability due to a double-free memory error in the HTTPv2 module that is triggered when handling certa...
Radancy: Version Disclosure (NginX)
Hi, I found a version disclosure Nginx in the your web server's HTTP response. Extracted Version: 1.8.0 This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Nginx. Impact An attacker...
Dream CMS 2.3.0 Cross Site Request Forgery
Dream CMS 2.3.0 CSRF Add Extension And File Upload PHP Code Execution...
Gentoo Security Advisory GLSA 201406-20
Gentoo Linux Local Security Checks GLSA 201406-20 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Gentoo Security Advisory GLSA 201310-04
Gentoo Linux Local Security Checks GLSA 201310-04 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Gentoo Security Advisory GLSA 201502-06
Gentoo Linux Local Security Checks GLSA 201502-06 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Returnsoft CMS - SQL Injection Vulnerability
Exploit for php platform in category web applications ========================================================== + Title :- Returnsoft CMS - SQL Injection Vulnerability + Date :- 9 - Sep - 2015 + Vendor Homepage :- http://returnsoft.info/ + Version :- All Versions + Tested on :- Nginx/1.4.5,...
Amazon Linux: Security Advisory (ALAS-2013-249)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2013-189)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2014-308)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2011-30)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2012-74)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2014-421)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2012-63)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...