
4651 matches found

BDU FSTEC
added 2016/05/05 12:0 a.m. | 3 views

A vulnerability in the Google Chrome browser allows a hacker to manipulate the URL string.

The vulnerability in the WebContentsImpl::FocusLocationBarByDefault function in content/browser/webcontents/webcontentsimpl.cc in the Google Chrome browser exists due to improper handling of calls to certain empty pages. Exploiting this vulnerability can allow a malicious actor to manipulate the URL...

CVSS 4.3 | AI score 6.7 | EPSS 0.01425
Exploits 0 | References 4 | Affected Software 1
CNVD
added 2016/05/04 12:0 a.m. | 3 views

Wireshark ASN.1 BER parser denial of service vulnerability (CNVD-2016-02773)

Wireshark (formerly known as Ethereal) is a suite of network packet analysis software developed by the Wireshark team. A denial of service vulnerability exists in the epan/dissectors/packet-ber.c file in the ASN.1 BER parser in Wireshark version 1.12.x before 1.12.10 and version 2.x before 2.0.2. A...

CVSS 5.9 | AI score 7.5 | EPSS 0.01353
Exploits 0 | References 1
Atlassian
added 2016/05/03 5:12 p.m. | 19 views

Moving or deleting an issue leaves the empty attachments subdirectory on the filesystem

To reproduce: (1) Create an issue; (2) Attach a file to it; (3) Locate the file on the JIRA-server filesystem -- under JIRA "home" directory attachments/..../PROJECT-ISSUE; (4) Move the issue to a different project or delete it completely; (5) Observe the empty issue subdirectory remaining on the filesystem. The director...

AI score 1.4
Exploits 0 | Affected Software 1
OSV
added 2016/05/01 1:59 a.m. | 3 views

DEBIAN-CVE-2016-4418

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty set...

CVSS 5.9 | AI score 6.2 | EPSS 0.01353
Exploits 0 | References 1
OSV
added 2016/05/01 1:59 a.m. | 4 views

UBUNTU-CVE-2016-4418

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty set...

CVSS 5.9 | AI score 6.6 | EPSS 0.01353
Exploits 0 | References 4
FreeBSD
added 2016/04/18 12:0 a.m. | 24 views

dnsmasq -- denial of service

reports: Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally...

CVSS 7.5 | AI score 7.5 | EPSS 0.02415
Exploits 0 | References 2
BDU FSTEC
added 2016/04/14 12:0 a.m. | 2 views

The vulnerability of the NX-OS network operating system allows attackers to increase their privileges.

The vulnerability of the NX-OS network operating system is related to the use of an empty root password. Exploiting this vulnerability could allow an attacker, operating locally, to gain increased privileges...

CVSS 6.9 | AI score 7.8 | EPSS 0.0108
Exploits 0 | References 2
Tenable Nessus
added 2016/04/01 12:0 a.m. | 31 views

FreeBSD : Botan BER Decoder vulnerabilities (2004616d-f66c-11e5-b94c-001999f8d30b)

The botan developers report: Excess memory allocation in BER decoder - The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer...

CVSS 7.8 | AI score 7.9 | EPSS 0.01483
Exploits 0 | References 4
CNVD
added 2016/03/28 12:0 a.m. | 1 views

MIT Kerberos 5 kadmind LDAP KDB Module Denial of Service Vulnerability

MIT Kerberos 5 (also known as krb5) is a network authentication protocol developed by the Massachusetts Institute of Technology (MIT) in the United States, which adopts a client/server structure, and both the client and the server side can authenticate each other (i.e., double authentication), which...

CVSS 5.3 | AI score 6.3 | EPSS 0.39969
Exploits 0 | References 1
CNVD
added 2016/02/18 12:0 a.m. | 2 views

MIT Kerberos 5 kadmind memory leak vulnerability

MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT) in the United States, which uses a client/server structure, and the client and server side can authenticate each other (i.e., double authentication) to prevent...

CVSS 6.5 | AI score 7.7 | EPSS 0.04643
Exploits 0 | References 1
OSV
added 2016/01/27 8:59 p.m. | 1 views

DEBIAN-CVE-2016-1983

The clienthost function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header...

CVSS 7.5 | AI score 6.8 | EPSS 0.02813
Exploits 0 | References 1
OSV
added 2016/01/27 8:59 p.m. | 1 views

UBUNTU-CVE-2016-1983

The clienthost function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header...

CVSS 7.5 | AI score 7.1 | EPSS 0.02813
Exploits 0 | References 3
Tenable Nessus
added 2016/01/26 12:0 a.m. | 30 views

FreeBSD : privoxy -- multiple vulnerabilities (a763a0e7-c3d9-11e5-b5fe-002590263bf5)

Privoxy Developers report: Prevent invalid reads in case of corrupt chunk-encoded content. CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer. Remove empty Host headers in client requests. Previously they would result in invalid reads. CVE-2016-1983. Bug discovered with afl-fuzz a...

CVSS 7.5 | AI score 7.2 | EPSS 0.02813
Exploits 0 | References 6
FreeBSD
added 2016/01/22 12:0 a.m. | 29 views

privoxy -- multiple vulnerabilities

Privoxy Developers report: Prevent invalid reads in case of corrupt chunk-encoded content. CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer. Remove empty Host headers in client requests. Previously they would result in invalid reads. CVE-2016-1983. Bug discovered with afl-fuzz an...

CVSS 7.5 | AI score 1.8 | EPSS 0.02813
Exploits 0 | References 2
BDU FSTEC
added 2016/01/21 12:0 a.m. | 3 views

The vulnerability of the Windows operating system allows a perpetrator to circumvent existing access restrictions or establish a connection for an account with an empty password.

The vulnerability of the RDP service implementation in the Windows operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions or establish a connection for an account with an empty password using a...

CVSS 9.3 | AI score 7.4 | EPSS 0.12544
Exploits 0 | References 2
CNVD
added 2016/01/15 12:0 a.m. | 2 views

Microsoft Windows Security Mechanism Bypass Vulnerability (CNVD-2016-00283)

Microsoft Windows is a series of operating systems designed for personal computer and server users from the American company Microsoft. A security vulnerability in the implementation of the Microsoft Windows Remote Desktop Protocol (RDP) service allows a remote attacker to modify the RDP client to...

CVSS 9.3 | AI score 6.9 | EPSS 0.12544
Exploits 0 | References 1
UbuntuCve
added 2016/01/08 9:59 p.m. | 14 views

CVE-2016-1501

ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages...

CVSS 4.3 | AI score 5.8 | EPSS 0.01831
Exploits 0 | References 2
OSV
added 2016/01/04 5:59 a.m. | 0 views

DEBIAN-CVE-2015-8715

epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet...

CVSS 5.5 | AI score 5.2 | EPSS 0.01539
Exploits 0 | References 1
OSV
added 2016/01/04 5:59 a.m. | 2 views

UBUNTU-CVE-2015-8715

epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet...

CVSS 5.5 | AI score 6.4 | EPSS 0.01539
Exploits 0 | References 5
OSV
added 2015/12/31 12:0 a.m. | 0 views

UBUNTU-CVE-2015-8899

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally...

CVSS 7.5 | AI score 7.1 | EPSS 0.02415
Exploits 0 | References 4