Debian DSA-2860-1 : parcimonie - information disclosure
Holger Levsen discovered that parcimonie, a privacy-friendly helper to refresh a GnuPG keyring, is affected by a design problem that undermines the usefulness of this piece of software in the intended threat model. When using parcimonie with a large keyring (1000 public keys or more), it would alwa...
[SECURITY] [DSA 2860-1] parcimonie security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2860-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 11, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2860-1 (parcimonie - information disclosure)
Holger Levsen discovered that parcimonie, a privacy-friendly helper to refresh a GnuPG keyring, is affected by a design problem that undermines the usefulness of this piece of software in the intended threat model. When using parcimonie with a large keyring (1000 public keys or more), it would alwa...
DSA-2860-1 parcimonie - information disclosure
Bulletin has no description...
SuSE Update for ca-certificates-mozilla openSUSE-SU-2013:1891-1 (ca-certificates-mozilla)
Check for the Version of ca-certificates-mozilla OpenVAS Vulnerability Test $Id: gbsuse201318911.nasl 8650 2018-02-03 12:16:59Z teissa $ SuSE Update for ca-certificates-mozilla openSUSE-SU-2013:1891-1 ca-certificates-mozilla Authors: System Generated Check Copyright: Copyright C 2013 Greenbone...
[SECURITY] [DSA 2818-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2818-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 16, 2013 http://www.debian.org/security/faq -...
Cracked.com Compromised, Serving Malware
The popular humor website, Cracked.com, reportedly hosted malware that infected the machines of its visitors over the weekend and may still be doing so, according to Barracuda Labs research. The malware proliferated via drive-by-downloads, and it is not known how many systems became infected as ...
Cheng's dance CMSPHP3.0 stored XSS getshell - a vulnerability warning - the black bar safety net
This cms before 9 0 someone made a getshell,when is background verification file problem The official website has been patched, so again, source Because the backend login will also need the authentication code so the injection didn't see. There xss Vulnerability file user/member/skinedit.php trtd...
Oracle Linux 5 : post (ELSA-2008-0839)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2008-0839 advisory. 2.3.3-2.1 - fixed postfix privilege problem with symlinks in the mail spool directory CVE-2008-2936 Resolves: rhbz456717 Tenable has extracted the preceding...
SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7954 / 7959 / 7960)
The SUSE Linux Enterprise 11 Service Pack 2 kernel was respun with the 3.0.80 update to fix a severe compatibility problem with kernel module packages (KMPs) like e.g. drbd. An incompatible ABI change could lead to those modules not correctly working or crashing on loading and is fixed by this...
CVE-2013-2004
The (1) GetDatabase and (2) XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file...
PHPMyWind CMS v4.6.3 Beta permissions bypass and unauthorized access - exploit warning - the black bar safety net
BUG-1: permission bypass File location: goodsshow.php Problem code: //Do not allow visitors to place orders skip login ifempty$COOKIE'username' /just a simple determination of whether or not is empty header'location:member.php?c=login'; exit; Brief description: username is cookie get, as lon...
Espcms V5.6.13.04.22 UTF8, the official version: backend logic validation error vulnerability 2/N - vulnerability warning - the black bar safety net
Brief description: Logic problems in the system backend permission check result in a backend module's access control being bypassed and in unauthorized access. Detailed description: The backend administrator permission check is in the file \public\classconnector.php: function adminpurview if $this-fun-accept'archive', 'R' == 'filemanage' &&...
PT-2013-3891 · Red Hat +1
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is related to a security problem, but details are not provided. Recommendations: At the moment, there is no information about a newer...
Fedora 19 : php-sabredav-Sabre_DAV-1.6.5-5.fc19 (2013-7253)
Fixes archives/files problem. This update patches the problem in the browser plugin for sabredav...
nginx -- multiple vulnerabilities
The nginx project reports: A stack-based buffer overflow might occur in a worker process while handling a specially crafted request, potentially resulting in arbitrary code execution (CVE-2013-2028). A security problem related to CVE-2013-2028 was identified, affecting some previous nginx...
Adobe Reader PDF-tracking vulnerability reveals when and where PDF is opened
McAfee said it has found a vulnerability in Adobe Systems' Reader program that reveals when and where a PDF document is opened. The issue emerges when some users launch a link to another file path, which calls on a JavaScript application programming interface (API), while Reader alerts a user when...
DoD Inspector General Calls Out Army CIO For Poor Mobile Device Security
The CIO of the U.S. Army failed to put in place a comprehensive security program capable of protecting data stored on commercial mobile devices such as iPhones and Androids, leaving sensitive information in key Army installations exposed. The Inspector General of the Department of Defense took th...
Chrome 25 Fixes Nine High-Risk Vulnerabilities
Google has fixed nine high-severity vulnerabilities in its Chrome browser, as well as a dozen other flaws with the release of Chrome 25. This release is one of the few for which the company did not pay out much in the way of bug bounties, only giving out $3,500. In Chrome 25 Google also disabled...
dnsmasq security, bug fix and enhancement update
2.48-13 - Fix the DHCP RELEASE problem when two or more dnsmasq instances are running rhbz887156 2.48-12 - Fixing initscript restart stop functions rhbz850944 2.48-11 - Revert previous changes because of many problems with --bind-dynamic option backport. - Dropping...