65 matches found
tomita-parser file download vulnerability
tomita-parser is a tool that provides structured data from natural language text. A file download vulnerability exists in tomita-parser that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...
CVE-2016-0240
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP...
The vulnerability of the Squid proxy server allows a hacker to cause a service failure.
The vulnerability of the FwdState::connectedToPeer method FwdState.cc in the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause a service failure application termination by using an unencrypted HTTP message...
UBUNTU-CVE-2015-0812
Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdoma...
PT-2012-3978 · Moodle · Moodle
Name of the Vulnerable Software and Affected Versions: Moodle versions 2.1.x through 2.1.5 Moodle versions 2.2.x through 2.2.2 Description: The issue concerns the Multi-Authentication feature in the Central Authentication Service CAS functionality. It does not utilize HTTPS, allowing remote...