Debian DSA-4171-1 : ruby-loofah - security update
The Shopify Application Security Team reported that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, allows non-whitelisted attributes to be present in sanitized output when input with specially crafted HTML fragments. This might allow to mount a...
[SECURITY] [DSA 4171-1] ruby-loofah security update
Debian Security Advisory DSA-4171-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2018 https://www.debian.org/security/faq -...
lighttpd - multiple vulnerabilities
Lighttpd Project reports: Security fixes for Lighttpd:
security: encode quoting chars in HTML and XML
security: ensure gid != 0 if server.username is set, but not server.groupname
security: disable statcache if server.follow-symlink = "disable"
security: httpoxy defense: do not emit HTTP_PROXY to...
UBUNTU-CVE-2016-1974
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTM...
[WiFi Password Decryptor v3.0] Wireless Password Recovery Software
WiFi Password Decryptor is free software that instantly recovers wireless account passwords stored on your system. It automatically recovers all types of wireless keys/passwords (WEP, WPA, WPA2, etc.) stored by Windows Wireless Configuration Manager. For each recovered WiFi account, it displays followi...
KeyPass Password Safe 1.22 Cross Site Scripting
Exploit for php platform in category web applications
Title: KeyPass Password Safe v1.22 - Software Filter Vulnerability
Introduction: KeePass is a very famous & free open source password manager, which helps you to manage your passwords in a secure way. You can put all your...