CVE-2017-9274

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

[SECURITY] Fedora 25 Update: rubygem-yard-0.8.7.6-4.fc25

YARD is a documentation generation tool for the Ruby programming language. It enables the user to generate consistent, usable documentation that can be exported to a number of formats very easily, and also supports extending for custom Ruby constructs such as custom class level definitions...

[SECURITY] Fedora 26 Update: rubygem-yard-0.9.8-4.fc26

YARD is a documentation generation tool for the Ruby programming language. It enables the user to generate consistent, usable documentation that can be exported to a number of formats very easily, and also supports extending for custom Ruby constructs such as custom class level definitions...

[SECURITY] Fedora 27 Update: rubygem-yard-0.9.8-4.fc27

YARD is a documentation generation tool for the Ruby programming language. It enables the user to generate consistent, usable documentation that can be exported to a number of formats very easily, and also supports extending for custom Ruby constructs such as custom class level definitions...

Firejail - Local Privilege Escalation

Firejail - Local Privilege Escalation firejail advisory for TOCTOU in --get and --put local root Releasing a brief advisory/writeup about a local root privesc found in firejail that we reported back in Nov, 2016. This is in response to a recent thread on oss-sec where people seem interested in...

PT-2015-3437 · Pcre +5 · Pcre +5

Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 8.38 Description: The issue is related to the pcre compile function in the PCRE library, which mishandles certain : nesting in regular expressions. This can be exploited by remote attackers to cause a denial of service,...

CVE-2013-2160

The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service CPU and memory consumption via crafted XML with a large number of 1 elements, 2 attributes, 3 nested constructs, and possibly other vectors...

apache-cxf: Multiple denial of service flaws in the StAX parser

The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service CPU and memory consumption via crafted XML with a large number of 1 elements, 2 attributes, 3 nested constructs, and possibly other vectors...

Certain URL constructs can allow arbitrary code execution – Opera Security Advisories

Certain page address URL constructs can cause Opera to allocate the wrong amount of memory for storing the address. When it then attempts to store the address, it will overwrite unrelated memory with attacker-controlled data. This can lead to a crash, which may also execute that data as code...

Certain URL constructs can allow arbitrary code execution

Certain page address URL constructs can cause Opera to allocate the wrong amount of memory for storing the address. When it then attempts to store the address, it will overwrite unrelated memory with attacker-controlled data. This can lead to a crash, which may also execute that data as code...

[SECURITY] Fedora 15 Update: postgresql-9.0.8-1.fc15

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, sub-selects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL...

Opera Browser Multiple Vulnerabilities-01 (Jul 2011) - Linux

Opera browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 15 Update: postgresql-9.0.7-1.fc15

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, sub-selects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL...

Joomla Component com_aist SQL Injection Vulnerability

This host is running Joomla! and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlacomaistsqlinjvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Joomla Component 'comaist' SQL Injection Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks GmbH...

[SECURITY] Fedora 12 Update: postgresql-8.4.5-1.fc12

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

Design/Logic Flaw

Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages...

[SECURITY] Fedora 12 Update: postgresql-8.4.2-1.fc12

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

[SECURITY] Fedora 10 Update: postgresql-8.3.8-1.fc10

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

[SECURITY] Fedora 11 Update: postgresql-8.3.8-1.fc11

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

[SECURITY] Fedora 9 Update: postgresql-8.3.7-1.fc9

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...