Design/Logic Flaw

Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address aka oldemail field for e-mail change notifications, which makes it easier for remote...

Mandriva Update for kernel MDVSA-2008:224 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDVSA-2008:224 kernel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVE-2008-4554

CVE-2008-4554 affects the Linux kernel in the do_splice_from function (fs/splice.c). Before 2.6.27, it does not reject file descriptors with the O_APPEND flag, allowing a local attacker to bypass append mode and make arbitrary changes to other parts of a file. The vulnerability is tied to the ker...

Airspan ProST WiMAX Device - Web Interface Authentication Bypass

source: https://www.securityfocus.com/bid/28122/info Airspan ProST WiMAX device is prone to an authentication-bypass vulnerability because it fails to perform adequate authentication checks in the web interface. An attacker can exploit this issue to gain unauthorized access to the affected device...

Design/Logic Flaw

Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the 1 username, or the 2 password and password2 parameters in an edit action...