7871 matches found
SUSE-SU-2015:0945-1 Security update for spacewalk-java, spacewalk-setup
The spacewalk-java and spacewalk-setup packages were updated to fix one security issue: CVE-2014-8162: RPC API XML External Entities file disclosure. bsc922525 Security Issues: CVE-2014-8162...
kexec-tools security, bug fix, and enhancement update
2.0.7-19.0.1.el71.2 - kdumpctl: exclude defaulthugepagesz setting from kdump kernel cmdline Sriharsha Yadagudde Orabug: 19134999 - kdumpctl: verify if kernel support securelevel interface Sriharsha Yadagudde Orabug: 18905671 2.0.7-19.2 - dracut-module-setup: Enhance kdump to support the bind...
DEBIAN-CVE-2015-3294
The tcprequest function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setupreply function, which allows remote attackers to read process memory and cause a denial of service out-of-bounds read and crash via a malformed DNS request...
HP ThinPro OS /usr/bin/hpobl elevation of privilege vulnerability
HP ThinPro OS is a thin client operating system. A vulnerability in HP ThinPro OS /usr/bin/hpobl when invoking Firefox after setup allows attackers to exploit the vulnerability to gain access to the device with root privileges...
Local PHP File Inclusion in ResourceSpace
High-Tech Bridge Security Research Lab discovered vulnerability in ResourceSpace, which can be exploited to include arbitrary local PHP file, execute PHP code, and compromise vulnerable web application and even entire web server on which the application is hosted. The vulnerability exists due to...
Drupal Smart Trim Module Cross-Site Scripting Vulnerability
Drupal is a free and open source content management system developed in PHP. Smart Trim Module for Drupal is a module application for Drupal. The Drupal Smart Trim Module for Drupal handles cross-site scripting vulnerabilities in field setup forms, allowing remote attackers to exploit the...
Mandriva Linux Security Advisory : setup (MDVSA-2015:208)
Updated setup package fixes security vulnerability : An issue has been identified in Mandriva Business Server 2's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes...
UBUNTU-CVE-2015-3294
The tcprequest function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setupreply function, which allows remote attackers to read process memory and cause a denial of service out-of-bounds read and crash via a malformed DNS request...
MGASA-2015-0162 Updated setup packages fix security vulnerabilities
Updated setup package fixes security issue An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that...
Updated setup packages fix security vulnerabilities
Updated setup package fixes security issue An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that...
Same as TD-9436T camera RTSP protocol buffer overflow vulnerability
Tongwei TD-9436T camera is a product of Shenzhen Tongwei Digital Technology Co. In normal user's mode, if an RTSP packet is sent with a method of setup and the string between two consecutive semicolons in the Transport field is longer than 135, the machine will crash with a buffer overflow. An...
[ MDVSA-2015:184 ] setup
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:184 http://www.mandriva.com/en/support/security/ Package : setup Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated setup package fixes security vulnerability: An issue has been...
Faceless: Bypass Setup by External Activity Invoke
Tool Used: Drozer Operating System: Android Kitkat 4.4.2 Note: Make sure the application is running on the device connected to the system. 1. With the help of Drozer tool, list down the activities exported by the application using the following command: run app.activity.info -a im.delight.faceles...
Mandriva Linux Security Advisory : setup (MDVSA-2015:184)
Updated setup package fixes security vulnerability : An issue has been identified in Mandriva Business Server 2's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes...
MGASA-2015-0116 Updated setup package fixes security vulnerability
An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that those files are owned by the root user and...
Updated setup package fixes security vulnerability
An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that those files are owned by the root user and...
Gmail - Spoof email from any sender (Warning and Alert Bypass)
By using this bug you can send a email from any email address to any gmail user and no warning or yellow triangle or else is shown except your message and sender's email. Example: From: email protected To: email protected Subject: Blah blah.. Message : any message Now the victim sees that the...
Python rhn-setup Security Bypass Vulnerability
Python rhn-setup is a Python package. A security bypass vulnerability exists in Python rhn-setup. An attacker can exploit this vulnerability to conduct a man-in-the-middle attack and impersonate a trusted server...
ipa security, bug fix, and enhancement update
4.1.0-18.0.1 - Replace login-screen-logo.png 20362818 - Drop subscription-manager requires for OL7 - Drop redhat-access-plugin-ipa requires for OL7 - Blank out header-logo.png product-name.png 4.1.0-18 - Fix ipa-pwd-extop global configuration caching 1187342 - group-detach does not add correct...
phpok the latest version of the CSRF getshell-a vulnerability warning-the black bar safety net
In the rear of the Typhoon the grid management service is by a get-type request to delete a template, the directory and file name to install lock file install. lock: http://localhost/phpok/admin.php?c=tpl&f=delfile&id=1&folder=./../../ data/&title=The install. lock After the request returns ok,...