
2230 matches found

OSV
added 2016/04/13 4:59 p.m. · 2 views

UBUNTU-CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records...

8.8 CVSS · 7.7 AI score · 0.05192 EPSS
Exploits 0 · References 5
Cvelist
added 2016/04/13 4:0 p.m. · 26 views

CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records...

8.8 AI score · 0.05192 EPSS
Exploits 0 · References 12
hackapp
added 2016/04/01 9:38 a.m. · 6 views

Push Ups Workout - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Push Ups Workout published at the 'play' market has multiple vulnerabilities...

0.8 AI score
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:22 a.m. · 10 views

Windows Live Hotmail PUSH mail - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Windows Live Hotmail PUSH mail published at the 'play' market has multiple vulnerabilities...

0.8 AI score
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:4 a.m. · 18 views

Abs – Push-Ups - Arms - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Abs – Push-Ups - Arms published at the 'play' market has multiple vulnerabilities...

0.2 AI score
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:3 a.m. · 7 views

30 Day Push Up Challenge - MIT license, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application 30 Day Push Up Challenge published at the 'play' market has multiple vulnerabilities...

0.8 AI score
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 9:2 a.m. · 11 views

Runtastic Push-Ups Workout - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Runtastic Push-Ups Workout published at the 'play' market has multiple vulnerabilities...

0.8 AI score
Exploits 0 · References 1 · Affected Software 1
hackapp
added 2016/04/01 8:54 a.m. · 17 views

Samsung Push Service - Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Samsung Push Service published at the 'play' market has multiple vulnerabilities...

0.2 AI score
Exploits 0 · References 1 · Affected Software 1
ThreatPost
added 2016/03/21 1:20 p.m. · 23 views

Yahoo Deploys Passwordless Account Key Tool

In hopes of eliminating the password, at least on the company’s mobile apps, Yahoo on Friday deployed a stable version of its Account Key mechanism. The feature, essentially two-step authentication—without the first step—allows Yahoo users to log into the company’s Finance, Fantasy, Mail,...

7.2 AI score
Exploits 0 · References 6
Mageia
added 2016/02/05 5:26 p.m. · 26 views

Updated gajim packages fix security vulnerability

Gajim before 0.16.5 doesn't verify the origin of roster pushes, thus allowing third parties to modify the roster via a man-in-the-middle attack (CVE-2015-8688)...

5.8 CVSS · 5.7 AI score · 0.00556 EPSS
Exploits 1 · References 2
Positive Technologies
added 2016/02/04 12:0 a.m. · 2 views

PT-2016-3240 · Yodl +2

Name of the Vulnerable Software and Affected Versions: yodl versions prior to 3.07.01. Description: The issue is caused by a buffer over-read in the queue push function, located in queue/queuepush.c. This could allow a remote attacker to compromise the confidentiality, integrity, and availability ...

9.8 CVSS · 9.6 AI score · 0.00271 EPSS
Exploits 0 · References 30
CNVD
added 2016/01/26 12:0 a.m. · 1 views

Gajim Message Interception Vulnerability

Gajim is a suite of free instant messaging software based on the Jabber communication protocol developed by the Gajim project. A security vulnerability exists in versions of Gajim prior to 0.16.5, which can be exploited by remote attackers to modify the roster and intercept messages with the help...

5.8 CVSS · 5.8 AI score · 0.00556 EPSS
Exploits 1 · References 1
OSV
added 2016/01/15 7:59 p.m. · 1 views

DEBIAN-CVE-2015-8688

Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza...

5.4 CVSS · 6.9 AI score · 0.00556 EPSS
Exploits 1 · References 1
UbuntuCve
added 2016/01/15 7:59 p.m. · 19 views

CVE-2015-8688

Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza...

5.8 CVSS · 6.2 AI score · 0.00556 EPSS
Exploits 1 · References 3
Prion
added 2016/01/15 7:59 p.m. · 11 views

Code injection

Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza...

5.8 CVSS · 6.8 AI score · 0.00556 EPSS
Exploits 1 · References 6 · Affected Software 1
Cvelist
added 2016/01/15 7:0 p.m. · 33 views

CVE-2015-8688

Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza...

5.5 AI score · 0.00556 EPSS
Exploits 1 · References 6
Debian CVE
added 2016/01/15 7:0 p.m. · 23 views

CVE-2015-8688

Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza...

5.8 CVSS · 5.4 AI score · 0.00556 EPSS
Exploits 1
CNVD
added 2016/01/15 12:0 a.m. · 2 views

AVM FRITZ!OS Cross-Site Scripting Vulnerability

AVM FRITZ!OS is a set of operating systems used in Fritz!Box wireless router products. A cross-site scripting vulnerability exists in the Push-Service-Mails feature of AVM FRITZ!OS, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be us...

6.1 CVSS · 6.2 AI score · 0.00255 EPSS
Exploits 2 · References 1
NVD
added 2016/01/12 7:59 p.m. · 19 views

CVE-2015-7242

Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message...

6.1 CVSS · 6.1 AI score · 0.00255 EPSS
Exploits 2 · References 4
Prion
added 2016/01/12 7:59 p.m. · 14 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message...

4.3 CVSS · 6.1 AI score · 0.00255 EPSS
Exploits 2 · References 4 · Affected Software 1