32 matches found
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
WordPress Header.php Unauthorized Code Injection
A Code Injection vulnerability has been reported in WordPress. Successful exploitation of this vulnerability would allow a remote attacker to redirect the clients who access an Infected WordPress website to an attacker-controlled page, and infect the client host...
WordPress Clikstats Plugin Open Redirection
A website redirection vulnerability exists in WordPress Clickstats Plugin. Successful exploitation of this vulnerability would allow a remote attacker to redirect the clients who access a WordPress website to an attacker-controlled page, and infect the client host...
DEBIAN-CVE-2016-1983
The clienthost function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service invalid read and crash via an empty HTTP Host header...
WordPress PHP Movie Parameter Redirection
A website redirection vulnerability has been reported in WordPress. Successful exploitation of this vulnerability would allow a remote attacker to redirect the clients who access a WordPress website to an attacker-controlled page, and infect the client host...
Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
A vulnerability in a Cisco-signed Java Archive JAR executable Cache Cleaner component of Cisco Secure Desktop could allow an unauthenticated, remote attacker to execute arbitrary commands on the client host where the affected .jar file is executed. Command execution would occur with the privilege...
Scientific Linux Security Update : qpid on SL6.x i386/x86_64 (20120919)
Apache Qpid is a reliable, cross-platform, asynchronous messaging system that supports the Advanced Message Queuing Protocol AMQP in several common programming languages. It was discovered that the Qpid daemon qpidd did not allow the number of connections from clients to be restricted. A maliciou...
SuSE 10 Security Update : dhcpcd (ZYPP Patch Number 7452)
A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 Note: this is a...
Multiple Telnet Clients vulnerable to buffer overflow via the env_opt_add() function in telnet.c
Overview Multiple Telnet clients contain a data length validation flaw that may allow a malicious server to execute arbitrary code on the client host with privs of client. Description The Telnet network protocol is described in RFC854 and RFC855 as a general, bi-directional communications facilit...
Дырка в BitchX ircd (FQDN buffer overflow)
Переполнение буфера при слишком длинном FQDN-Имени хоста клиента...
CVE-2026-45074: Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay
More info at https://symfony.com/cve-2026-45074...
CVE-2026-45074: Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay
More info at https://symfony.com/cve-2026-45074...