10273 matches found
DSA-2785-1 chromium-browser - several
Bulletin has no description...
Debian: Security Advisory (DSA-2553-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian Security Advisory DSA 2553-1 (iceweasel - several vulnerabilities)
Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. The reported vulnerabilities could lead to the execution of arbitrary code or the bypass of...
[SpearPhisher] A Simple Phishing Email Generation Tool
SpearPhisher is a simple point and click Windows GUI tool designed for mostly non-technical people who would like to supplement the education and awareness aspect of their information security program. Not only is it useful to non-technical folks, penetration testers may find it handy for sending...
Watchguard Server Center 11.7.4 Insecure Library Loading
Watchguard Server Center version 11.7.4 suffers from a DLL hijacking vulnerability with wgpr.dll. Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION...
Watchguard Server Center 11.7.4 Insecure Library Loading
Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION Product: Watchguard Server Center Vendor URL: www.watchguard.com Type: Uncontrolled Search...
Amazon Linux AMI : gdb (ALAS-2013-159)
GDB tried to auto-load certain files such as GDB scripts, Python scripts, and a thread debugging library from the current working directory when debugging programs. This could result in the execution of arbitrary code with the user's privileges when GDB was run in a directory that has untrusted...
Soda PDF Insecure Library Loading Vulnerability - Windows
Soda PDF is prone to an insecure library loading vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:soda:sodapdf"; if...
Design/Logic Flaw
Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML...
CVE-2013-2902
Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML...
HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
source: https://www.securityfocus.com/bid/61745/info HTC Sync Manager is prone to multiple arbitrary code-execution vulnerabilities. An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a...
Firefox < 23.0 Multiple Vulnerabilities
The installed version of Firefox is earlier than 23.0 and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification when using...
Firefox ESR 17.x < 17.0.8 Multiple Vulnerabilities
The installed version of Firefox ESR 17.x is earlier than 17.0.8, and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701 - Errors exist related to the update service and 'maintenanceservice.exe...
Debian DSA-2724-1 : chromium-browser - several vulnerabilities
Several vulnerabilities have been discovered in the Chromium web browser. - CVE-2013-2853 The HTTPS implementation does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline). - CVE-2013-2867 Chrome does not properly prevent pop-under windows. -...
[SECURITY] [DSA 2724-1] chromium-browser security update
Debian Security Advisory DSA-2724-1 [email protected] http://www.debian.org/security/ Michael Gilbert July 17, 2013 http://www.debian.org/security/faq -...
Oracle Linux 5 : kernel (ELSA-2013-0594)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0594 advisory. - fs udf: Fortify loading of sparing table Nikola Pajkovsky 843140 843141 CVE-2012-3400 - fs udf: Improve table length check to avoid possible overflow Nikola...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2044)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-2044 advisory. - hugepages: fix use after free bug in 'quota' handling 15842385 CVE-2012-2133 - mm: Hold a file reference in madvise_remove 15842884 CVE-2012-3511 ...
Adobe Acrobat Multiple Vulnerabilities (Apr 2012) - Windows
Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat"; if(description)...
FreeBSD : chromium -- multiple vulnerabilities (3b80104f-e96c-11e2-8bac-00262d5ed8ee)
Google Chrome Releases reports : A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some since fixed server-side bugs. 252216 Low CVE-2013-2867: Block pop-unders in various scenarios. 252062 High CVE-2013-2879: Confusion setting up sign-in and...
CVE-2013-2873
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a 404 HTTP status code during the loading of resources...