UBUNTU-CVE-2013-7454

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via nested forbidden strings...

CVE-2013-7451

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag...

UBUNTU-CVE-2013-7451

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag...

CVE-2013-7451

Removed by vendor...

CVE-2013-7454

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via nested forbidden strings...

CVE-2013-7454

Removed by vendor...

CVE-2016-10141

An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or...

CVE-2016-10141

An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or...

F5 Networks BIG-IP : libxml2 vulnerabilities (K54225343)

CVE-2016-3627 The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service infinite recursion, stack consumption, and application crash via a crafted XML document CVE-2016-3705 The 1...

CVE-2016-9588

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to an uncaught exception issue. It could occur if an L2 guest was to throw an exception which is not handled by an L1 guest...

UBUNTU-CVE-2015-8978

In Soap Lite aka the SOAP::Lite extension for Perl 1.14 and earlier, an example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with the document consisting of a single instance of the largest entity, which expands to one billion copie...

pcre: heap buffer overflow in compile_branch()

The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service out-of-bounds heap read and crash, or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large...

Ruby on Rails Active Record Security Bypass Vulnerability (Jan 2016) - Linux

Ruby on Rails is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails";...

Ruby on Rails Active Record Security Bypass Vulnerability (Jan 2016) - Windows

Ruby on Rails is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails";...

The vulnerability of the distributed Git version control system allows a hacker to execute arbitrary code.

The vulnerability of the distributed Git version control system arises from a numerical overflow condition. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code using a long file name or multiple nested trees, which causes a buffer overflow in the dynami...

The vulnerability of the distributed Git version control system allows a hacker to execute arbitrary code.

The vulnerability of the revision.c file in the distributed version control system Git is related to the use of an incorrect integer data type. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a long file name or by manipulating multiple nested trees, resulti...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:2195-1)

Mozilla Firefox was updated to 45.3.0 ESR to fix the following issues bsc991809 : - MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards rv:48.0 / rv:45.3 - MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed - MFSA 2016-64/CVE-2016-2838...

Google Chrome < 52.0.2743.116 Multiple Vulnerabilities

Binary data 9490.pasl...

PostgreSQL 9.1.x < 9.1.23 / 9.2.x < 9.2.18 / 9.3.x < 9.3.14 / 9.4.x < 9.4.9 / 9.5.x < 9.5.4 Multiple Vulnerabilities

The version of PostgreSQL installed on the remote host is 9.1.x prior to 9.1.23, 9.2.x prior to 9.2.18, 9.3.x prior to 9.3.14, 9.4.x prior to 9.4.9, or 9.5.x prior to 9.5.4. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists that allows an...

USN-3066-1 postgresql-9.1, postgresql-9.3, postgresql-9.5 vulnerabilities

Heikki Linnakangas discovered that PostgreSQL incorrectly handled certain nested CASE/WHEN expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. CVE-2016-5423 Nathan Bossart discovered that PostgreSQL incorrectly handled speci...