10 matches found
EUVD-2016-7464
Malware in sbrugna...
Apple Sets New Rules for Developers to Prevent Fingerprinting and Data Misuse
Apple has announced plans to require developers to submit reasons to use certain APIs in their apps starting later this year with the release of iOS 17, iPadOS 17, macOS Sonoma, tvOS 17, and watchOS 10 to prevent their abuse for data collection. "This will help ensure that apps only use these API...
Ubuntu: Security Advisory (USN-4117-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:1851-1) (SACK Slowness)
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: A device could have been tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1829-1)
The SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: Attackers used to be able to track the Linux kernel by the IP ID values the kernel produces for connection-less protocols. When such...
CVE-2019-10638
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...
Viva Visitor And Volunteer ID Tracking 0.95.1 SQL Injection
Exploit Title: Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection Dork: N/A Date: 2018-10-19 Exploit Author: Ihsan Sencan Vendor Homepage: https://viva-visitor.sourceforge.io/ Software Link: https://sourceforge.net/projects/viva-visitor/files/latest/download Version: 0.95.1...
Viva Visitor Volunteer ID Tracking 0.95.1 - fname SQL Injection
Viva Visitor Volunteer ID Tracking 0.95.1 - fname SQL Injection Exploit Title: Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection Dork: N/A Date: 2018-10-19 Exploit Author: Ihsan Sencan Vendor Homepage: https://viva-visitor.sourceforge.io/ Software Link:...
SA-CONTRIB-2014-120 - Piwik Web Analytics - Information disclosure
This module enables you to integrate Drupal with Piwik Web Analytics. The module leaks the site specific hash salt to authenticated users when user-id tracking is turned on. This vulnerability is mitigated by the fact that user-id tracking must be turned on and the attacker needs to have an accou...
SA-CONTRIB-2014-119 - Google Analytics - Information disclosure
This module enables you to integrate Drupal with Google Analytics. The module leaks the site specific hash salt to authenticated users when user-id tracking is turned on. This vulnerability is mitigated by the fact that user-id tracking must be turned on and the attacker needs to have an account ...