CentOS Update for kernel CESA-2012:0481 centos6

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2012:0481 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

CVE-2011-4582

Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL...

Open redirect

Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL...

SugarCRM 6.3.1 unserialize() PHP Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'SugarCRM %q This module exploits a ph...

kernel: regset: Prevent null pointer reference on readonly regsets

The regset aka register set feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a 1 PTRACEGETREGSET or 2 PTRACESETREGSE...

postgresql: Ability of database owners to install procedural languages via CREATE LANGUAGE found unsafe (DoS)

PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service server crash by adding the 1 SECURITY DEFINER or 2 SET attributes to a procedural language's call handler...

RedHat Update for busybox RHSA-2012:0810-04

Check for the Version of busybox OpenVAS Vulnerability Test RedHat Update for busybox RHSA-2012:0810-04 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

UBUNTU-CVE-2012-2137

Buffer overflow in virt/kvm/irqcomm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service crash and possibly execute arbitrary code via vectors related to Message Signaled Interrupts MSI, irq routing entries, and an incorrect check by the...

DEBIAN-CVE-2012-2671

The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache...

Fedora 15 : qemu-0.14.0-9.fc15 (2012-8604)

CVE-2011-1750 virtio-blk: heap buffer overflow bz 698906, bz 698911 - CVE-2011-2527 set groups properly for -runas bz 720773, bz 720784 - CVE-2012-0029 e1000 buffer overflow bz 783984, bz 772075 - virtio-blk: refuse SGIO requests with scsi=off bz 770135 Note that Tenable Network Security has...

Ubuntu Update for postgresql-9.1 USN-1461-1

Ubuntu Update for Linux kernel vulnerabilities USN-1461-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14611.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for postgresql-9.1 USN-1461-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.n...

DEBIAN-CVE-2012-1012

server/serverstubs.c in the kadmin protocol implementation in MIT Kerberos 5 aka krb5 1.10 before 1.10.1 does not properly restrict access to 1 SETSTRING and 2 GETSTRINGS operations, which might allow remote authenticated administrators to modify or read string attributes by leveraging the global...

Mozilla: Buffer overflow and use-after-free issues found using Address Sanitizer (MFSA 2012-40)

Heap-based buffer overflow in the utf16toisolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a...

LinkedIn Confirms Millions of Account Passwords Hacked

LinkedIn Confirms Millions of Account Passwords Hacked LinkedIn Wednesday confirmed that at least some passwords compromised in a major security breach correspond to LinkedIn accounts. Norweigan IT website Dagens IT first reported the breach, noting that "Two days ago a package on the 6.5 million...

CVE-2012-1947

Heap-based buffer overflow in the utf16toisolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a...

PostgreSQL 'SECURITY DEFINER'和'SET'属性远程拒绝服务漏洞

BUGTRAQ ID: 53812 CVE ID: CVE-2012-2655 PostgreSQL是一款高级对象－关系型数据库管理系统，支持扩展的SQL标准子集。 PostgreSQL在ALTER FUNCTION RENAME的实现上存在远程拒绝服务漏洞，利用此漏洞可允许攻击者使应用崩溃。 0 PostgreSQL 9.x PostgreSQL 8.x 厂商补丁： PostgreSQL ---------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.postgresql.org...

CVE-2012-1947

Heap-based buffer overflow in the utf16toisolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a...

Heap overflow

Heap-based buffer overflow in the utf16toisolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a...

CVE-2012-1947

Heap-based buffer overflow in the utf16toisolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a...

Mozilla: Buffer overflow and use-after-free issues found using Address Sanitizer (MFSA 2012-40)

Heap-based buffer overflow in the utf16toisolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a...