15 matches found
HTML/CSS Injection
HTML/CSS Injection is an attack that injects arbitrary characters into a web page. When an application does not properly handle user-supplied data, an attacker can supply content to a web application, typically via a parameter value which is then reflected in the page. This attack is typically us...
Improper Header Validation
libopendkim.so is vulnerable to Improper Header Validation. The vulnerability exists due to the default setting used for the KeepAuthResults parameter in opendkim.c, which fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, allowing an attacker to send...
DEBIAN-CVE-2022-48521
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...
CVE-2022-48521
An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...
Content Injection
Content Injection is an attack that injects arbitrary characters into a web page. When an application does not properly handle user-supplied data, an attacker can supply content to a web application, typically via a parameter value which is then reflected in the page. This attack is typically use...
EulerOS 2.0 SP5 : freeradius (EulerOS-SA-2019-1574)
According to the version of the freeradius package installed, the EulerOS installation on the remote host is affected by the following vulnerability: - freeradius: eap-pwd: fake authentication using reflection (CVE-2019-11234) Note that Tenable Network Security has extracted the preceding...
CentOS 7 : freeradius (CESA-2019:1131)
An update for freeradius is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...
CentOS Update for freeradius CESA-2019:1131 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
freeradius security update
CentOS Errata and Security Advisory CESA-2019:1131. An update for freeradius is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Important: Red Hat Security Advisory: freeradius:3.0 security update
An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Scientific Linux Security Update : freeradius on SL7.x x86_64 (20190509)
Security Fixes: - freeradius: eap-pwd: authentication bypass via an invalid curve attack (CVE-2019-11235) - freeradius: eap-pwd: fake authentication using reflection (CVE-2019-11234) (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific Linux. include'compat.inc'; if description...
Important: Red Hat Security Advisory: freeradius security update
An update for freeradius is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...
Synology Photo Station 6.7.3-3432 / 6.3-2967 Remote Code Execution
Source: https://blogs.securiteam.com/index.php/archives/3356 Vulnerability details: The remote code execution is a combination of 4 different vulnerabilities: upload arbitrary files to the specified directories; log in with a fake authentication mechanism; log in to Photo Station with any identi...
Microsoft repairs SharePoint 2013 XSS vulnerabilities - vulnerabilities and early warning - the black bar safety net
SharePoint is a tool in the Microsoft Office suite for individuals and companies to create a portal page. The vulnerability CVE-2015-2522, discovered by FortiNet's FortiGuard Labs security researchers, affects SharePoint 2013 15.0.4571.1502 early version. SharePoint is a...
BNC: Input validation flaw
Background: BNC is an IRC proxying server. Description: A flaw exists in the input parsing of BNC where part of the sbufgetmsg function handles the backspace character incorrectly. Impact: A remote user could issue commands using fake authentication credentials and possibly gain access to scripts...