163 matches found
Verizon Allows Opt Out of UIDH Mobile Supercookie
Verizon Wireless has made a change that now allows customers to opt out of the ad-targeting program that relies on the so-called supercookie identifier that was inserted into Web requests users send. The use of the identifier, known as a UIDH, drew the ire of privacy advocates and users when it w...
CVE-2014-3158
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...
Integer overflow
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...
CVE-2014-3158
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...
CVE-2014-3158
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...
UBUNTU-CVE-2014-3158
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...
CVE-2014-3158
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package ppp before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "corrupts security-relevant variables."...
Fedora 19 : nss-3.15.3-1.fc19 / nss-softokn-3.15.3-1.fc19 / nss-util-3.15.3-1.fc19 (2013-23301)
This update rebases the nss, nss-util, and nss-softokn packages to nss-3.15.3 and nspr to nspr-4.10.2 in order to address security-relevant bugs have been resolved in NSS 3.15.3. For further details please refer to the upstream release notes at...
CVE-2010-4775
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships...
Code injection
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships...
CVE-2010-4775
CVE-2010-4775 affects Drupal’s Relevant Content module (5.x prior to 5.x-1.4 and 6.x prior to 6.x-1.5). The issue is improper node access logic, enabling remote attackers to discover restricted node titles and relationships. No exploitation details or patches are provided in the connected documen...
CVE-2010-4775
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships...
SA-CONTRIB-2010-104 - Relevant Content - Information Disclosure
The Relevant Content module provides a block and CCK field which contain links to other nodes on the site which are considered "relevant" to the current nodes based on number of shared taxonomy terms. The Relevant Content module does not implement node access logic properly, resulting in the...
Debian: Security Advisory (DSA-638-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2007-1717
The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ '\0' byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases...
CVE-2007-1717
The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ '\0' byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases...
Code injection
The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ '\0' byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases...
CVE-2006-3017
zendhashdelkeyorindex in zendhash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zendhashdel to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations...
CVE-2006-3017
zendhashdelkeyorindex in zendhash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zendhashdel to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations...
CVE-2006-1244
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including a pdfkit.framework, b gpdf, c pdftohtml, and d libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in 1 gmem.c, 2 SplashXPathScanner.cc, 3 JBIG2Stream.c...