IDOR can reveal execution data and logs to unauthorized user in Rundeck

Impact Authenticated users can craft a request that reveals Execution data and logs and Job details that they are not authorized to see. Depending on the configuration and the way that Rundeck is used, this could result in anything between a high severity risk, or a very low risk. If access is...

MGASA-2019-0007 Updated units package fixes security vulnerability

A flaw was found in units. unitscur doesn't sanitize downloaded data. This allows a maliciously intended server to execute arbitrary code remotely on the client rhbz1598913...

Scientific Linux Security Update : samba and samba4 on SL6.x, SL7.x i386/x86_64 (20160412) (Badlock)

Security Fixes : - Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user...

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, code execution, data spoofing, crossite scripting, information leakage...

HP Intelligent Management Center User Access Manager code execution

Buffer overflow on TCP/9090 data processing...

CVE-2005-0456

Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: RFC 2397 URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code...

Microsoft Internet Explorer 5 - Document Reference Zone Bypass

source: https://www.securityfocus.com/bid/5841/info A vulnerability has been reported in Microsoft Internet Explorer that may allow for remote attackers to execute script code in the context of other domains/security Zones. The cause appears to be a lack of access control checks when access to a...