SIPp 安全漏洞

SIPp is an open-source SIP protocol testing tool and traffic generator developed by SIPp. Versions of SIPp 3.6 and earlier contained security vulnerabilities. These vulnerabilities stemmed from local buffer overflows in the handling of command-line parameters, which could allow local attackers to...

CVE-2026-5054

NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

CVE-2026-5054

CVE-2026-5054 – NoMachine Local Privilege Escalation . The issue is in NoMachine’s handling of command line parameters, where user-supplied paths are not properly validated before file operations. This can allow a local attacker who can execute low-privilege code to escalate to root and run arbit...

EUVD-2020-27716

Malware in sbrugna...

Authorization Bypass

chromium is vulnerable to authorization bypass. Insufficient validation of untrusted input in command line handling allows a remote attacker to bypass navigation restrictions via a malicious HTML page...

CVE-2020-6567

Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

CVE-2020-6567

Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

CVE-2020-6567

Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

CVE-2020-6567

Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

RHEL 6 : chromium-browser (RHSA-2020:3723)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3723 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 85.0.4183.83. Security Fixes:...

OPENSUSE-SU-2020:1328-1 Security update for chromium

This update for chromium fixes the following issues: Chromium was updated to version 85.0.4183.83 boo1175757 fixing: - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill -...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 20 security fixes, including: 1109120 High CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-24 1116706 High CVE-2020-6559: Use after free in presentation API. Report...

Security vulnerabilities fixed in Firefox ESR 60.6 — Mozilla

A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. The type inference system allows the compilation of functions that can cause typ...

SUSE-SU-2015:0427-1 Recommended update for xorg-x11-server

This collective update for xorg-x11-server provides the following fixes: Fix a segmentation fault that can occur when X11 packets are forwarded between a client and a server with different endianess. bnc874903 Free software cursor backing pixmap when transition between screens. This fixes a crash...

Slackware Advisory SSA:2005-269-01 Mozilla/Firefox

The remote host is missing an update as announced via advisory SSA:2005-269-01. OpenVAS Vulnerability Test $Id: esoftslkssa200526901.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware: Security Advisory (SSA:2005-278-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[repost] [slackware-security] Thunderbird email client

New Thunderbird packages are available for Slackware 10.2 and -current to fix a security issue: MFSA 2005-59 Command-line handling on Linux allows shell execution More details about this issue may be found on the Mozilla web site:...

TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (1)

// source: https://www.securityfocus.com/bid/8993/info It has been reported that TerminatorX may be prone to multiple vulnerabilities when handling command-line and environment variable data. As a result, an attacker may be capable of exploiting the application in a variety of ways to execute...