11 matches found
EUVD-2013-0030
Malware in sbrugna...
EUVD-2013-0040
Malware in sbrugna...
SUSE CVE-2013-1629
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...
CVE-2018-14620
The OpenStack RabbitMQ container image insecurely retrieves the rabbitmqclusterer component over HTTP during the build stage. This could potentially allow an attacker to serve malicious code to the image builder and install in the resultant container image. Version of openstack-rabbitmq-container...
Akeo Consulting Rufus fails to update itself securely
Overview Akeo Consulting Rufus fails to securely check for and retrieve updates, which an allow an authenticated attacker to execute arbitrary code on a vulnerable system. Description Akeo Consulting Rufus 2.16 retrieves updates over HTTP. While Rufus does attempt to perform some basic signature...
Alt-N WorldClient Pro 2.0 .0.0/2.0.1 .0/Standard 2.0 .0.0 Long URL DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/823/info Alt-N's WorldClient is an email webserver that allows it's users to retrieve email via HTTP. It is susceptible to denial of service attacks due to an unchecked buffer in the request handler. Supplying a long url...
AZL-41159 CVE-2013-1633 affecting package python-pip 24.2-6
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
UBUNTU-CVE-2013-1629
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...
PYSEC-2013-8
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...
SUSE-SA:2005:011: curl
The remote host is missing the patch for the advisory SUSE-SA:2005:011 curl. [email protected] reported a vulnerability in libcurl, the HTTP/FTP retrieval library. This library is used by lots of programs, including YaST2 and PHP4. The NTLM authorization in curl had a buffer overflow in the...
Wingate 4.1 Beta A vulnerability
================================================================= Blue Panda Vulnerability Announcement: Wingate 4.1 Beta A 16/10/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ ================================================================= Problem: ========= The logfile servic...