4422 matches found
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the bash-doc-4.1.2 package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the CentOS operating system, which allows a malicious attacker to compromise the accessibility of protected information
The vulnerability of the openswan-doc-2.6.14 package for the CentOS operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the openswan-doc package for the SUSE Linux Enterprise operating system can lead to violations of the confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Fedora 21 : zarafa-7.1.12-1.fc21 (2015-5823)
Zarafa Collaboration Platform 7.1.12 final 48726 ================================================== - ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option - ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions - ZCP-10578: missing...
Fedora 20 : zarafa-7.1.12-1.fc20 (2015-5864)
Zarafa Collaboration Platform 7.1.12 final 48726 ================================================== - ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option - ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions - ZCP-10578: missing...
[SECURITY] Fedora 22 Update: ntp-4.2.6p5-30.fc22
The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...
[SECURITY] Fedora 20 Update: ntp-4.2.6p5-22.fc20
The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...
[SECURITY] Fedora 22 Update: mailman-2.1.20-1.fc22
Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.0 update
Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact...
Coinbase: iframes considered harmful
The Coinbase API offers an iframe payment option. iframes are attractive because they allow Coinbase's customers to give the illusion that the Bitcoin transaction is embedded entirely within the customer's website. But customers can and do refer to that iframe on insecure connections. Hijacking a...
[SECURITY] Fedora 21 Update: texlive-2014-3.1.20140525_r34255.fc21
The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...
[SECURITY] Fedora 20 Update: texlive-2013-6.20131226_r32488.fc20
The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...
SUSE-SU-2015:0688-1 Security update for webkitgtk
This update fixes the following security issues: - Fix SSL connection issues with some websites after the POODLE vulnerability fix. - Fix a crash when loading flash plugins. - Fix build on GNU Hurd - Fix build on OS X. - Fix documentation of webkitprintoperationgetpagesetup. - Security fixes:...
[SECURITY] Fedora 22 Update: dokuwiki-0-0.24.20140929c.fc22
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
[SECURITY] Fedora 21 Update: dokuwiki-0-0.24.20140929c.fc21
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
[SECURITY] Fedora 20 Update: dokuwiki-0-0.24.20140929c.fc20
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
Multiple Cross-Site Scripting Vulnerabilities in Drupal Site Documentation Module
Drupal is a developmental CMF Content Management Framework written in the PHP language. Multiple cross-site scripting vulnerabilities exist in the Drupal Site Documentation module. Because the application fails to properly filter user-supplied input, an attacker could exploit the vulnerabilities ...
Java RMI Registry Interfaces Enumeration
This module gathers information from an RMI endpoint running an RMI registry interface. It enumerates the names bound in a registry and looks up each remote reference. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
SA-CONTRIB-2015-074 - Site Documentation - Cross Site Scripting (XSS)
Site Documentation module enables you to display detailed configuration information. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a user with...
Maligno v2.0 - Metasploit Payload Server
Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded prior to transmission. Maligno also comes with a client tool, which...