CentOS Update for thunderbird CESA-2015:0266 centos5

Check the version of thunderbird SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882127";...

Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24)

An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file...

WordPress Infusionsoft Gravity Forms Add-on Plugin Unrestricted File Upload

An unauthorized file upload vulnerability has been reported in WordPress Infusionsoft Gravity Forms Add-on Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a...

WordPress Ninja Forms 2.8.8 Cross Site Scripting

============================================================ - Title: Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability - Vulnerable Version: 2.8.8 and probably prior -Tested Version:2.8.8 - Vendor Notification: 20 November 2014 - Vendor Patch: 20 November 2014 -Vulnerabili...

Ninja Forms <= 2.8.8 - Stored & Reflected XSS

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Stored & Reflected XSS security vulnerability...

Oracle Forms and Reports Multiple Unspecified Vulnerabilities (January 2015 CPU)

Binary data oracleformsreportsjan2015cpu.nbin...

Unspecified Vulnerability in Oracle Forms Services Subware

Oracle Forms Developer is the ORACLE company provides for the development of Web database applications tool set. A security vulnerability exists in the Oracle Forms Forms Services child that could be exploited by remote attackers to compromise system confidentiality...

CVE-2015-0420

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services...

CVE-2015-0420

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services...

CVE-2015-0420

Oracle CVE-2015-0420 concerns Oracle Forms in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2. It is described as an unspecified vulnerability affecting confidentiality via Forms Services with unknown vectors. The connected documents do not supply concrete technical details (root cause, affected s...

CVE-2015-0420

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services...

Design/Logic Flaw

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940...

CVE-2014-3314

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940...

Wordpress Plugin Cforms 14.7 Remote Code Execution Vulnerability

Cforms version 14.7 suffers from a remote code execution vulnerability. Advisory: Remote Code Execution via Unauthorised File upload in Cforms 14.7 Author: Zakhar Fedotkin Affected Software: Wordpress Plugin Cforms II 14.x-14.7 Release: 12th Nov 2014 Vendor URL:...

Cforms 14.7 Remote Code Execution

Advisory: Remote Code Execution via Unauthorised File upload in Cforms 14.7 Advisory ID: - Author: Zakhar Fedotkin Affected Software: Wordpress Plugin Cforms II 14.x-14.7 Release: 12th Nov 2014 Vendor URL: https://wordpress.org/plugins/cforms2/ Vendor Status: fixed CVE-ID: -...

WordPress Live Forms Plugin <= 1.2.0 - Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability, because form input fields on blog front-end are not filtered. The attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

Live Forms <= 1.2.0 - Unauthenticated Stored Cross-Site Scripting (XSS)

Form input fields on the blog front end are not properly sanitised. The unsanitised user input will be displayed in "WordPress Admin Form entries". Screenshots: http://imgur.com/Oflsb3n http://imgur.com/jHaZR5O...

Ninja Forms <= 2.8.9 - Unspecified Issue Affecting Admin Users

This version includes a fix for a potential security vulnerability for admin users...

CVE-2014-8493

ZTE ZXHN H108L with firmware 4.0.0dZRQGR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/accesscwmp1...