
9776 matches found

Packet Storm
added 2016/08/25 12:0 a.m. | 36 views

Dotclear 2.9.1 SSRF / XSPA

Dotclear 2.9.1 SSRF/XSPA Vulnerability + Software: https://dotclear.org/ + Author: Wiswat Aswamenakul + Affected version: only tested on 2.9.1 previous version might be affected + Platform: tested on Ubuntu 14.04, PHP 5.5.9 + Description Dotclear has a feature to import blog content through RSS...

0.2 AI score
Exploits: 0

Citrix
added 2016/08/25 12:0 a.m. | 5 views

How to Export and Import StoreFront Subscription Database on StoreFront 3.6

This article explains how to export and import a StoreFront subscription database on Storefront 3.6. Background The previous versions of StoreFront had different commands to export and import a StoreFront subscription database. The previous commands are now obsolete. The following is the previous...

7.2 AI score
Exploits: 0

Kitploit
added 2016/08/20 2:30 p.m. | 13 views

Manalyze - A static analyzer for PE executables

Manalyzer is a free service which performs static analysis on PE executables to detect undesirable behavior. A static analyzer for PE files Manalyze was written in C++ for Windows and Linux and is released under the terms of the GPLv3 license. It is a robust parser for PE files with a flexible...

7.1 AI score
Exploits: 0 | References: 3

Tenable Nessus
added 2016/08/16 12:0 a.m. | 283 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-977)

This update for java-1_7_0-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...

9.6 CVSS | 6.8 AI score | 0.07521 EPSS
Exploits: 0 | References: 25

OPENSUSE Linux
added 2016/08/11 11:8 p.m. | 74 views

Security update for java-1_7_0-openjdk (important)

This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.7 - OpenJDK 7u111 Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domai...

9.3 CVSS | 0.07521 EPSS
Exploits: 0 | References: 12

exploitpack
added 2016/08/08 12:0 a.m. | 25 views

WordPress Plugin Add From Server 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)

WordPress Plugin Add From Server 3.3.2 - Cross-Site Request Forgery Arbitrary File Upload Cross-Site Request Forgery vulnerability in Add From Server WordPress Plugin Abstract It was discovered that Add From Server is vulnerable to Cross-Site Request Forgery. It can be exploited by luring the...

0.3 AI score
Exploits: 0

Citrix
added 2016/08/08 12:0 a.m. | 6 views

How to Export a VDISK with Versions

Export existing vDisk from PVS vDisk Store and import as a new vDisk...

7.1 AI score
Exploits: 0

NVD
added 2016/08/05 2:59 p.m. | 11 views

CVE-2016-6148

SAP HANA DB 1.00.73.00.389160 allows remote attackers to cause a denial of service process termination or execute arbitrary code via vectors related to an IMPORT statement, aka SAP Security Note 2233136...

7.5 CVSS | 7.8 AI score | 0.0329 EPSS
Exploits: 0 | References: 5

OSV
added 2016/08/05 2:59 p.m. | 1 views

CVE-2016-6148

SAP HANA DB 1.00.73.00.389160 allows remote attackers to cause a denial of service process termination or execute arbitrary code via vectors related to an IMPORT statement, aka SAP Security Note 2233136...

7.5 CVSS | 6.1 AI score | 0.0329 EPSS
Exploits: 0 | References: 5

Cvelist
added 2016/08/05 2:0 p.m. | 20 views

CVE-2016-6148

SAP HANA DB 1.00.73.00.389160 allows remote attackers to cause a denial of service process termination or execute arbitrary code via vectors related to an IMPORT statement, aka SAP Security Note 2233136...

7.8 AI score | 0.0329 EPSS
Exploits: 0 | References: 5

CVE
added 2016/08/05 2:0 p.m. | 41 views

CVE-2016-6148

CVE-2016-6148 affects SAP HANA DB 1.00.73.00.389160, with a remote code execution/DoS risk reported via vectors related to an IMPORT statement (SAP Security Note 2233136). Documents confirm the vulnerability allows remote attackers to terminate the process or execute arbitrary code, but no specif...

7.5 CVSS | 7.8 AI score | 0.0329 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

RedHat Linux
added 2016/07/26 5:18 a.m. | 2 views

chromium-browser: use-after-free in blink

Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascadin...

7.5 CVSS | 7.5 AI score | 0.02184 EPSS
Exploits: 0 | References: 5

OSV
added 2016/07/23 7:59 p.m. | 2 views

CVE-2016-5127

Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascadin...

7.5 CVSS | 7.2 AI score
Exploits: 0 | References: 14

Debian CVE
added 2016/07/23 7:0 p.m. | 22 views

CVE-2016-5127

Removed by vendor...

7.5 CVSS | 8.7 AI score | 0.02184 EPSS
Exploits: 0

OSV
added 2016/07/23 12:0 a.m. | 1 views

UBUNTU-CVE-2016-5127

Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascadin...

7.5 CVSS | 7.1 AI score | 0.02184 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2016/07/22 12:0 a.m. | 219 views

Oracle Database Multiple Vulnerabilities (July 2016 CPU) (FREAK)

The remote Oracle Database Server is missing the July 2016 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability, known as FREAK Factoring attack on RSA-EXPORT Keys, exists in the RDBMS HTTPS Listener package due to the suppo...

9 CVSS | 7.3 AI score | 0.91945 EPSS
Exploits: 0 | References: 11

NVD
added 2016/07/21 10:13 a.m. | 20 views

CVE-2016-3530

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect integrity and availability via vectors related to PGC / Import...

7.5 CVSS | 5.7 AI score | 0.00983 EPSS
Exploits: 0 | References: 4

OSV
added 2016/07/21 10:13 a.m. | 1 views

CVE-2016-3530

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect integrity and availability via vectors related to PGC / Import...

7.1 CVSS | 5.8 AI score | 0.00983 EPSS
Exploits: 0 | References: 4

Prion
added 2016/07/21 10:13 a.m. | 18 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect integrity and availability via vectors related to PGC / Import...

7.5 CVSS | 5.7 AI score | 0.00983 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2016/07/21 10:12 a.m. | 1 views

CVE-2016-3489

Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors...

6.7 CVSS | 7.3 AI score | 0.00088 EPSS
Exploits: 0 | References: 4