4422 matches found
CVE-2015-1769
creationtimestamp| type| source ---|---|--- 2015-08-11 05:00:00+00:00| seen| https://msrc.microsoft.com/blog/2015/08/defending-against-cve-2015-1769-a-logical-issue-exploited-via-a-malicious-usb-stick/ 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-12-24...
HTTPie - a CLI, cURL-like tool for humans
HTTPie pronounced aych-tee-tee-pie is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output...
[SECURITY] Fedora 22 Update: mantis-1.2.19-3.fc22
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis When t...
[SECURITY] Fedora 21 Update: mantis-1.2.19-3.fc21
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis When t...
OracleVM 3.3 : ntp (OVMSA-2015-0102)
The remote OracleVM system is missing necessary patches to address critical security updates : - reject packets without MAC when authentication is enabled CVE-2015-1798 - protect symmetric associations with symmetric key against DoS attack CVE-2015-1799 - fix generation of MD5 keys with ntp-keyge...
XSS Payload Management Framework: Sleepy Puppy
Sleepy Puppy is a cross-site scripting XSS payload management framework which simplifies the ability to capture, manage, and track XSS propagation over long periods of time. Why Should I use Sleepy Puppy? Often when testing for client side injections HTML/JS/etc. security engineers are looking fo...
Nikto2 - Web Server Scanner
Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks...
[SECURITY] Fedora 21 Update: postgresql-9.3.9-1.fc21
PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
mailman security and bug fix update
3:2.1.15-21 - fix CVE-2015-2775 - directory traversal in MTA transports 3:2.1.15-20 - fix 1107652 - do not install patch backup files in documentation 3:2.1.15-19 - fix 1188043 - set 2775 permission only for /etc/mailman 3:2.1.15-18 - fix 1107652 - add support for DMARC - fix 1180981 - install...
mantis -- information disclosure vulnerability
Mantis reports: CVE-2015-5059: documentation in private projects can be seen by every user...
[SECURITY] Fedora 22 Update: postgresql-9.4.4-1.fc22
PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection
TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection Advisory: SQL Injection in TYPO3 Extension Akronymmanager An SQL injection vulnerability in the TYPO3 extension "Akronymmanager" allows authenticated attackers to inject SQL statements and thereby read data from the TYPO3 database. Details...
CVE-2015-4370
Cross-site scripting XSS vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...
Cross site scripting
Cross-site scripting XSS vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...
CVE-2015-4370
Cross-site scripting XSS vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...
CVE-2015-4370
CVE-2015-4370 is a XSS in the Drupal Site Documentation module (6.x-1.x) prior to 6.x-1.5. Root cause: insufficient sanitization of user-supplied text on certain pages, exploitable by remote authenticated users with permission to create/edit taxonomy terms. Impact: arbitrary script/HTML injection...
Author Behind Ransomware Tox Calls it Quits, Sells Platform
Earlier this week, when the author behind the crypto-ransomware Locker apologized and released decryption keys for his victims, it seemed like a change of heart, uncharacteristic for an attacker. Now another ransomware creator has also decided to cut his losses and get out of the game – but not...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-doc-2.6.32 package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
SUSE SLED12 / SLES12 Security Update : webkitgtk (SUSE-SU-2015:0688-1)
This update fixes the following security issues : - Fix SSL connection issues with some websites after the POODLE vulnerability fix. - Fix a crash when loading flash plugins. - Fix build on GNU Hurd - Fix build on OS X. - Fix documentation of webkitprintoperationgetpagesetup. - Security fixes:...
[SECURITY] Fedora 21 Update: texlive-2014-7.1.20140525_r34255.fc21
The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...