Certain escaped characters in host of Location-header are being treated as non-escaped — Mozilla

Security researcher Frans Rosén reported that URLs with certain escaped characters in hostnames are parsed incorrectly. This leads to parsing being abandoned when an effected escaped character is encountered followed by a navigation to the previously parsed version of the URL. When combined with ...

php: multiple issues

CVE-2015-1351 denial of service Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. - CVE-2015-1352 denial of service The...

HP Operations Orchestration Central 9.06 Cross Site Scripting

Name: XSS in HP Operations Orchestration Central version 9.06 Systems Affected: HP Operations Orchestration version 9.06 Severity: High Vendor: Hewlett-Packard References: CVE-2013-6191, CVE-2013-6192, SSRT101342 Author: Bart Leppens Date: 20130919 I. BACKGROUND HP Operations Orchestration HP OO ...

Novell Groupwise 8.0 Webaccess - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/35066/info Novell GroupWise WebAccess is prone to multiple security vulnerabilities. An attacker may leverage these issues to bypass certain security restrictions or conduct cross-site scripting attacks. Note that some of the issues may be related to BID...