35 matches found
Linux Kernel - AF_PACKET Use-After-Free (2)
Linux Kernel - AFPACKET Use-After-Free 2 Vulnerabilities summary The following advisory describes a use-after-free vulnerability found in Linux Kernel’s implementation of AFPACKET that can lead to privilege escalation. AFPACKET sockets “allow users to send or receive packets on the device driver...
PHP Melody Multiple Vulnerabilities
Vulnerabilities Summary The following advisory describes three 3 vulnerabilities found in PHP Melody version 2.7.3. PHP Melody is a “self-hosted Video CMS which evolved over the last 9 years. SEO optimization, unbeaten security and speed are advantages you no longer have to compromise on. A truly...
McAfee Security Scan Plus - Remote Command Execution
McAfee Security Scan Plus - Remote Command Execution Vulnerability Summary The following advisory describes a Remote Code Execution found in McAfee Security Scan Plus. An active network attacker could launch a man-in-the-middle attack on a plaintext-HTTP response to a client to run any residing...
IDERA Uptime Monitor 7.8 - Multiple Vulnerabilities
IDERA Uptime Monitor 7.8 - Multiple Vulnerabilities Vulnerabilities Summary The following advisory describe three 3 vulnerabilities found in IDERA Uptime Monitor version 7.8. “IDERA Uptime Monitor is a Proactively monitor physical servers, virtual machines, network devices, applications, and...
Fedora 25 : php-horde-Horde-Mime-Viewer (2016-f5fda29032)
HordeMimeViewer 2.2.1 - jan SECURITY: Don't render SVG images in the browser to avoid XSS attacks Reported by Dawid Gounski via Beyond Security's SecuriTeam Secure Disclosure program. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...
ESA-2015-115: EMC RecoverPoint for Virtual Machines (VMs) Restriction Bypass Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-115: EMC RecoverPoint for Virtual Machines VMs Restriction Bypass Vulnerability EMC Identifier: ESA-2015-115 CVE Identifier: CVE-2015-4526 Severity Rating: CVSSv2 Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC RecoverPoin...
SQL injection vulnerabilities, producing a privilege escalation (control user).
PMASA-2013-15 Announcement-ID: PMASA-2013-15 Date: 2013-07-28 Updated: 2013-08-06 Summary SQL injection vulnerabilities, producing a privilege escalation control user. Description Due to a missing validation of parameters passed to schemaexport.php and pmdpdf.php, it was possible to inject SQL...
Oracle Linux 5 / 6 : rdesktop (ELSA-2011-0506)
The remote Oracle Linux 5 / 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2011-0506 advisory. 1.6.0-8.1 - Prevent remote file access 676252 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure
Multiple vulnerabilities were discovered in Drupal core. Arbitrary PHP code execution A bug in the installer code was identified that allows an attacker to re-install Drupal using an external database server under certain transient conditions. This could allow the attacker to execute arbitrary PH...
RedHat Update for kernel RHSA-2012:1064-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
VMSA-2011-0011:Hosted product updates address a remote code execution vulnerability in the way UDF file systems are handled
VMSA-2011-0011 VMware hosted products address remote code execution vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0011 VMware Security Advisory Synopsis: VMware hosted products address remote code execution vulnerability VMware Security Advisory Issue date...
Fedora 14 : rdesktop-1.6.0-11.fc14 (2011-7697)
This update fixes a security issue in rdesktop 1.6.0. A directory traversal flaw was found in the way rdesktop shared a local path with a remote server. If a user connects to a malicious server with rdesktop, the server could use this flaw to cause rdesktop to read and write to arbitrary, local...
Fedora 13 : rdesktop-1.6.0-10.fc13 (2011-7694)
This update fixes a security issue in rdesktop 1.6.0. A directory traversal flaw was found in the way rdesktop shared a local path with a remote server. If a user connects to a malicious server with rdesktop, the server could use this flaw to cause rdesktop to read and write to arbitrary, local...
Opera -- code injection vulnerability through broken frameset handling
Opera Software ASA reports: Fixed an issue with framesets that could allow execution of arbitrary code, as reported by an anonymous contributor working with the SecuriTeam Secure Disclosure program...
RedHat Update for rdesktop RHSA-2011:0506-01
Check for the Version of rdesktop OpenVAS Vulnerability Test RedHat Update for rdesktop RHSA-2011:0506-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...