EUVD-2021-1457

Malware in sbrugna...

CVE-2024-7246

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the...

BIT-GOLANG-2023-45284 Incorrect detection of reserved device names on Windows in path/filepath

On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports the...

RUSTSEC-2022-0089 `aliyun-oss-client` secret exposure

The aliyun-oss-client unintentionally divulges the authentication secret. This bug was fixed in this commit by limiting the concerned traits to be pub only within the crate...

Mageia: Security Advisory (MGASA-2019-0270)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

All Vulnerabilities for whtop.com Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| whtop.com ---|--- Open Bug Bounty...

All Vulnerabilities for edulink.edu.lk Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| edulink.edu.lk ---|--- Open Bug Bounty...

PYSEC-2020-337

In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node given by outputindex and the input slot of the dst node...

CVE-2019-20043

In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this...

CVE-2011-3374

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack...

openSUSE Security Update : links (openSUSE-2019-2185)

This update for links fixes the following issues : links was updated to 2.20.1 : - libevent bug fixes links was updated to 2.20 : - Security bug fixed: when links was connected to tor, it would send real dns requests outside the tor network when the displayed page contains link elements with...

JoomScan 0.0.5 - OWASP Joomla Vulnerability Scanner Project

OWASP JoomScan short for Joomla Vulnerability Scanner is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis them. WHY OWASP JOOMSCAN ? If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever! This Project is bei...

kernel security update

3.10.0-514.6.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.6.2 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic...

[SECURITY] [DSA 3654-1] quagga security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3654-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 26, 2016 https://www.debian.org/security/faq -...

CVE-2012-2150

xfsmetadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image...

CentOS 7 : php (CESA-2015:1135)

Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

OS Property - Joomla Real Estate sqli pre 2.8.1

OS Property - Joomla Real Estate sqli 12th May 2014 - New version 2.8.1 ============== Bug Fixed =============== 1. SQL Injection solved developer did not inform VEL...

MODx (Evogallery) File Upload Vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: MODx Evogallery File Upload Vulnerability + Date: 18-02-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + Vendor: http://modx.com/extras/package/evogallery + Friendly Sites:...

Cain & Abel v4.9.43 Released

Cain & Abel v4.9.43 Released Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing passwor...

Fedora 10 : cups-1.3.9-4.fc10 (2008-10895)

Security update to fix CVE-2008-5183. Also changed in this update: a bug that caused cups-polld to fail to resolve hostnames has been fixed a bug that could cause libcups to get stuck in a loop has been fixed the dnssd backend has been removed as it is not working correctly and can prevent printe...