971 matches found
CVE-2017-17514
boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...
CVE-2017-17514
boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...
CVE-2017-17058
The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template...
Better field descriptions - Critical - XSS - SA-CONTRIB-2017-064
This module enables you to add themeable descriptions to fields in forms. The module doesn't sufficiently sanitize descriptions. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "add better descriptions to fields". CVE identifiers issued ACVE...
CVE-2017-9614
The fillinputbuffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via a crafted jpg file. NOTE: Maintainer asserts the issue is due to a bug in downstream cod...
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
UBUNTU-CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
Ruby: Ruby 2.3.x and 2.2.x still bundle DoS vulnerable verision of libYAML
libYAML 0.1.6 and 0.1.5 has a DoS vulnerablitity known as CVE-2014-9130. Now Ruby 2.4.x bundles fixed version 0.1.7, but 2.3.x and 2.2.x still bundle 0.1.6. Note that I'm the maintainer of Ruby 2.3.x and 2.2.x. Therefore, this report is a kind of remainder...
CVE-2017-9200
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63...
CVE-2017-9171
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24...
Scheduler Workbench Integration - Critical - Unsupported - SA-CONTRIB-2017-39
Updates 20170414 - A new module maintainer has been found and a new release for this module has been published. Provides integration between the Scheduler module and the Workbench Moderation module. The security team is marking this module unsupported. There is a known security issue with the...
Storage API stream wrappers - Moderately Critical - Access bypass - SA-CONTRIB-2017-010
This module provides stream wrappers to integrate Storage API with Drupal, as an alternative to Storage API's corebridge submodule. It provides two stream wrappers: "Storage API Public" and "Storage API Private". The private storage API doesn't sufficiently performs access control allowing...
[SECURITY] [DSA 3738-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3738-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 18, 2016 https://www.debian.org/security/faq -...
Downloads Resources over HTTP
Overview Affected versions of haxe-dev insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...
Debian DLA-492-1 : pdns security update
It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affected. For Debian 7 'Wheezy', these problems have been fixed in version 3.1-4.1+deb7u1. Note that if you're running the pdns server with the mysql...
DLA-492-1 pdns - security update
Bulletin has no description...
Drupal Commerce - Less Critical - Information disclosure - SA-CONTRIB-2016-019
This module enables you to build an online store that uses nodes to display products through the use of product reference fields. The default widget for those fields is an autocomplete textfield similar to the taxonomy term reference field's autocomplete widget. As you type in the textfield, the...
Fast Autocomplete - Critical - DOS vulnerability - SA-CONTRIB-2016-016
This module enables you to show IMDB-like suggestions when entering terms into an input field using json files to "cache" suggestions making the autocomplete very fast. The module doesn't sufficiently validate the incoming language parameter in the request path when a json file of the module is...