896 matches found
CVE-2015-1285
The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-tim...
CVE-2015-2869
Affected software: Total Commander FileInfo plugin (version 2.21 affected, fixed in 2.22 per TALOS report). Vulnerability type: Out‑of‑bounds read leading to denial of service and possible application termination. Root cause: Attacker-controlled fields in COFF Archive and LE structures (Archive M...
CVE-2015-4380
Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-4380
CVE-2015-4380 affects Drupal via the Linear Case module (6.x-1.x) prior to 6.x-1.3. Root cause: insufficient sanitization of user-supplied input in certain Linear Case pages. Impact: XSS vulnerability that could be exploited by remote authenticated users with specific permissions to inject arbitr...
Drupal Linear Case Module Cross-Site Scripting Vulnerability
Drupal is a free and open source content management system developed in PHP. A cross-site scripting vulnerability exists in Drupal Linear Case, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or...
Linear Case - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-084
Linear Case module allows you to organize Closed Question documents in case studies. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a user with...
Code injection
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanners, Retail Integrated Barcode scanners,...
CVE-2014-7897
HP OPOS CCO drivers released before 1.13.003 are affected by ARBITRARY CODE EXECUTION via OPOSScanner.ocx and related ActiveX controls across HP POS devices. The connected Nessus/HP advisories identify CVE-2014-7897 and related CVEs (e.g., 2014-7888..7898) as remote code execution vulnerabilities...
NXP Semiconductors MIFARE Classic Smartcard - Multiple Security Weaknesses
No description provided by source. source: http://www.securityfocus.com/bid/31853/info MIFARE Classic is prone to multiple security weaknesses: 1. A security weakness may allow attackers to recover the internal state of the linear feedback shift register. 2. A security weakness may allow attacker...
PHP <= 5.3.1 - LCG Entropy Security Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38430/info PHP is prone to a security vulnerability that affects LCG (Linear Congruential) entropy. Attackers can exploit this issue to steal sessions or other sensitive data. Versions prior to PHP 5.2.13 are affected...
idautomation bar code activex Multiple Vulnerabilities
No description provided by source. IDAutomation Multiple Vulnerabilities url: www.idautomation.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational...
MyBB Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13827/info MyBB is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to...
[SECURITY] Fedora 19 Update: numpy-1.7.2-8.fc19
NumPy is a general-purpose array-processing package designed to efficiently manipulate large multi-dimensional arrays of arbitrary records without sacrificing too much speed for small multi-dimensional arrays. NumPy is built on the Numeric code base and adds features introduced by numarray as wel...
Fedora Update for numpy FEDORA-2014-2289
Check for the Version of numpy OpenVAS Vulnerability Test Fedora Update for numpy FEDORA-2014-2289 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
[SECURITY] Fedora 20 Update: numpy-1.8.0-4.fc20
NumPy is a general-purpose array-processing package designed to efficiently manipulate large multi-dimensional arrays of arbitrary records without sacrificing too much speed for small multi-dimensional arrays. NumPy is built on the Numeric code base and adds features introduced by numarray as wel...
CVE-2013-0338
libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity...
Fedora Update for leptonica FEDORA-2013-1490
Check for the Version of leptonica OpenVAS Vulnerability Test Fedora Update for leptonica FEDORA-2013-1490 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...