115 matches found
OPENSUSE-SU-2018:1437-1 Security update for Chromium
This update for Chromium to version 66.0.3359.181 fixes the following issues: - CVE-2018-6118: Use after free in Media Cache bsc1091288 - CVE-2018-6085: Use after free in Disk Cache - CVE-2018-6086: Use after free in Disk Cache - CVE-2018-6087: Use after free in WebAssembly - CVE-2018-6088: Use...
CVE-2017-17734
CMS Made Simple CMSMS before 2.2.5 does not properly cache login information in sessions...
wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage
It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack...
WEM : "No available configuration source detected, Local cache Not Found or not initialized!"
WEM Agent not registering with WEM Broker and the following WEM Agent error is present in the Agent Session Logs: "No available configuration source detected, Local cache Not Found or not initialized!"...
FantasyTote: Stored number of clicks in the Deposits button
Hi, i have found a cache issue that your system store the number of clicks at the Deposits button. You can click the Deposits button more than one time and the amount will by multiplied by the number of clicks . I have attacked the poc . Thanks...
MGASA-2014-0028 Updated python-jinja2 package fixes two security vulnerabilities
Updated python-jinja2 packages fix security vulnerability: Jinja2, a template engine written in pure python, was found to use /tmp as a default directory for jinja2.bccache.FileSystemBytecodeCache, which is insecure because the /tmp directory is world-writable and the filenames used like...
samba security, bug fix, and enhancement update
3.6.9-164 - resolves: 1008574 - Fix offline logon cache not updating for cross child domain group membership. 3.6.9-163 - resolves: 1015359 - Fix CVE-2013-0213 and CVE-2013-0214 in SWAT. 3.6.9-162 - resolves: 978007 - Fix 'valid users' manpage documentation. 3.6.9-161 - resolves: 997338 - Fix...
Patches Released for BIND Denial-of-service Vulnerability
Patches Released for BIND Denial-of-service Vulnerability There's a new vulnerability in the popular BIND name server software that is causing various versions of the application to crash unexpectedly after logging a certain kind of error. The Internet Systems Consortium ISC, an organization that...
CVE-2006-1358
Unspecified vulnerability in BEA WebLogic Portal 8.1 up to SP5 causes a JSR-168 Portlet to be retrieved from the cache for the wrong session, which might allow one user to see a Portlet of another user...
MSIE Overly Trusted Location Variant Method Cache Vulnerability
This vulnerability as well as many more can be found at http://www.greyhats.cjb.net Overly Trusted Location Variant Method Cache Vulnerability Tested IEXPLORE.EXE file version 6.0.2800.1106 MSHTML.DLL file version 6.00.2800.1400 Microsoft Windows XP sp1 Discussion Apparently, Internet Explorer...
Two Vulnerabilities in Mozilla may lead to remote compromise
Two Vulnerabilities in Mozilla may lead to remote compromise. =--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--= ---------------------- Vendor Information: ---------------------- Homepage : http://www.mozilla.org Vendor : informed on 11/06/04 Mailed advisory: 13/06/04 Vender Response :...
Microsoft Outlook2000/Express 6.0 - Arbitrary Program Execution
source: https://www.securityfocus.com/bid/6923/info Microsoft Outlook and Outlook Express may execute arbitrary programs through objects embedded in HTML email messages. When an email message or newsgroup message is viewed using Outlook, a temporary object is created in the Internet Explorer cach...
CVE-1999-0755
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option...
CVE-1999-1306
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters...
Security update 1970-01-01
...