1165 matches found
CVE-2020-12100
A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails with MIME parts containing malicious content that dovecot will attempt to parse. The highest threat from this vulnerability is to system availability. Mitigation: Upstream suggests...
The vulnerability of the library for working with relational DBMSs like SQLAlchemy lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.
The vulnerability of the library for working with relational DBMSs like SQLAlchemy is related to the lack of protective measures taken against the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server relates to the lack of protective measures for website structures, allowing attackers to execute cross-site scripting attacks.
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a speciall...
The vulnerability of the exec function in the umount package manager of the NPM allows a hacker to execute arbitrary commands.
The vulnerability of the exec function in the umount package manager of the NPM is related to the lack of security measures for handling web page structures. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Bootstrap plugin for toolkits used to create websites and web applications allows attackers to perform cross-site scripting attacks.
The vulnerability of the Bootstrap plugin for toolkits used in creating websites and web applications is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server stems from the lack of measures taken to protect the structure of web pages. This allows attackers to execute cross-site scripting attacks.
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sending a...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) Andover Continuum System, related to the lack of protection for website structures, allows attackers to execute cross-site scripting attacks (XSS attacks) during the use of web server applications.
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) in Andover Continuum System is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious act...
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server, related to the lack of protective measures for website structures, allows attackers to execute cross-site scripting attacks.
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially create...
Information Disclosure
The kernel is vulnerable to information disclosure. The padding data in several core network structures was not initialized properly before being sent to user-space, possibly leading to information leaks...
Information Disclosure
The kernel is vulnerable to Information Disclosure. Due to missing initialization flaws found in the Linux kernel, padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service (DoS). The vulnerability exists because the code for the HFS and HFS Plus (HFS+) file systems failed to properly handle corrupted data structures. This could potentially lead to a local denial of service...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service. The ext2 and ext3 filesystem code failed to properly handle corrupted data structures, leading to a possible local denial of service issue when read or write operations were performed...
CVE-2019-20637
An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the...
CVE-2016-7053
In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to...
CVE-2020-9343
CVE-2020-9343 affects signotec signoPAD-API/Web (Windows) prior to 3.1.1. The issue arises from unbounded parsing of nested JSON structures in WebSocket data, enabling a DoS when a victim visits an attacker‑controlled site and sends deeply nested JSON arrays. Affected component is the Websocket P...
TSA Admits Liquid Ban Is Security Theater
The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes: Passengers will now be allowed to travel with containers of liquid hand sanitizer up to 12 ounces. However, the agency cautioned that the shift could mean slightly longer waits at checkpoint because the...
The vulnerability of Microsoft SharePoint Server and Microsoft SharePoint Enterprise Server stems from the lack of protective measures for website structures. This allows attackers to execute cross-site scripting attacks and execute arbitrary code in the context of the current user.
The vulnerability of Microsoft SharePoint Server and Microsoft SharePoint Enterprise Server packages is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks and execute arbitrary code...
The vulnerability of the message validation function in symfony/framework-bundle of the Symfony software development and web application management platform lies in the lack of measures to protect website structures, allowing attackers to carry out XSS attacks.
The vulnerability of the message validation function in symfony/framework-bundle of the Symfony software development and web application management platform is related to the lack of measures to protect website structures. Exploiting this vulnerability could allow a malicious actor to execute XSS...
[SECURITY] Fedora 31 Update: kernel-headers-5.4.18-200.fc31
Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...
Nfstream - A Flexible Network Data Analysis Framework
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...