30 matches found
EUVD-2012-2345
Malware in sbrugna...
USN-5064-1: GNU cpio vulnerability
Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code...
CVE-2020-26547
Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon XEP-0280 results. This allows a remote attacker able to send stanzas to a victim to inject arbitrary messages into the local history, with full control over the sender and receiver displayed to the victim...
Fedora: Security Advisory for ark (FEDORA-2020-f04f41bcc9)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: ark-20.04.3-5.fc33
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed...
[SECURITY] Fedora 32 Update: ark-20.04.3-5.fc32
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed...
[SECURITY] Fedora 32 Update: ark-20.04.3-3.fc32
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed...
Fedora: Security Advisory for ark (FEDORA-2020-cac5ae9b6e)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 31 Update: ark-20.04.3-3.fc31
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed...
The vulnerability of the client’s /xep/0313_message_archive_management.vala module for instant messaging between dino users, related to insufficient input data validation, allows a perpetrator to compromise the integrity of the data.
The vulnerability of the client’s /xep/0313messagearchivemanagement.vala module for instant messaging between dino users is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the data...
CVE-2019-16237
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313messagearchivemanagement.vala...
DEBIAN-CVE-2019-16237
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313messagearchivemanagement.vala...
UBUNTU-CVE-2019-16237
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313messagearchivemanagement.vala...
Fedora 23 : gajim-0.16.5-1.fc23 (2016-c82e5c322c)
Version 0.16.5 of Gajim has been released. What's new since 0.16.4: Improve Message Archive Management implementation Improve security on connexion and for roster management CVE-2015-8688 Full changelog: http://hg.gajim.org/gajim/file/gajim-0.16.5/ChangeLog List of fixed bugs:...
Fedora 22 : gajim-0.16.5-1.fc22 (2016-838200213e)
Version 0.16.5 of Gajim has been released. What's new since 0.16.4: Improve Message Archive Management implementation Improve security on connexion and for roster management CVE-2015-8688 Full changelog: http://hg.gajim.org/gajim/file/gajim-0.16.5/ChangeLog List of fixed bugs:...
FreeBSD : mail/sympa* -- Multiple vulnerabilities in Sympa archive management (de6d8290-aef7-11e1-898f-14dae938ec40)
David Verdin reports : Multiple vulnerabilities have been discovered in Sympa archive management that allow to skip the scenario-based authorization mechanisms. This vulnerability allows the attacker to : - display the archives management page 'arcmanage' - download the list's archives - delete t...
DEBIAN-CVE-2012-2352
The archive management arcmanage page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the 1 doarcmanage, 2 doarcdownload, or 3 doarcdelete functions...
CVE-2012-2352
The archive management arcmanage page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the 1 doarcmanage, 2 doarcdownload, or 3 doarcdelete functions...
CVE-2012-2352
The archive management arcmanage page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the 1 doarcmanage, 2 doarcdownload, or 3 doarcdelete functions...
Design/Logic Flaw
The archive management arcmanage page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the 1 doarcmanage, 2 doarcdownload, or 3 doarcdelete functions...