16 matches found
EUVD-2006-5969
Malware in sbrugna...
EUVD-2006-7027
Malware in sbrugna...
EUVD-2006-5965
Malware in sbrugna...
EUVD-2006-5968
Malware in sbrugna...
EUVD-2005-4399
Malware in sbrugna...
Fake Tor Browser Installers Distributing Clipper Malware
By Deeba Ahmed It is yet unclear how these fake Tor browser installations are distributed but there are indications that torrents or third-party sources may be responsible. This is a post from HackRead.com Read the original post: Fake Tor Browser Installers Distributing Clipper Malware...
SYS.2.3.A2
Auf Grundlage der Sicherheitsanforderungen und des Einsatzzwecks MUSS ein geeignetes Unix-Derivat bzw. eine geeignete Linux-Distribution ausgewaehlt werden. Es MUSS fuer die geplante Einsatzdauer des Betriebssystems Support verfuegbar sein. Alle benoetigten Anwendungsprogramme SOLLTEN als Teil de...
Amazon Web Services Combing Third Parties for Credentials
Amazon Web Services is actively searching a number of sources, including code repositories and application stores, looking for exposed credentials that could put users’ accounts and services at risk. A week ago, a security consultant in Australia said that as many as 10,000 secret Amazon Web...
SA-CONTRIB-2012-008 - Video Filter - Cross Site Scripting
CVE: CVE-2012-1634 The Video Filter module lets you display videos from various third party sources. When videos from Blip.tv are shown, the module fails to sanitize source data before display. This vulnerability is mitigated by the fact that the attacker has to be able to either control the sour...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Invision Power Board IPB or IP.Board 2.2.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via 1 modulebbcodeloader.php, 2 modulediv.php, 3 moduleemail.php, 4 moduleimage.php, 5 modulelink.php, or 6 the...
CVE-2006-7045
CVE-2006-7045 affects Clan Manager Pro (CMPRO) versions 1.1.0 and earlier. The vulnerability is a PHP remote file inclusion flaw that lets an attacker supply a URL via the (1) rootpath and possibly (2) sitepath parameters to (a) cmpro.ext/comment.core.inc.php and (b) cmpro.intern/comment.core.inc...
CVE-2006-6915
ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service port exhaustion via unspecified vectors. NOTE: some details were obtained from third party sources...
CVE-2006-5986
admin/options.php in Extreme CMS 0.9, and possibly earlier, does not require authentication, which might allow remote attackers to conduct unauthorized activities. NOTE: this issue can be combined with another vulnerability to expand the scope of a cross-site scripting XSS attack without...
CVE-2006-4914
Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote attackers to read arbitrary files via ".." sequences in the zelangue02 cookie, as demonstrated by using the choixlng parameter to choixlangue.php to indirectly set the cookie, then accessing livredor.php to trigger the inclusion...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in warforge.NEWS 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the 1 firstname and 2 lastname parameter in myaccounts.php. NOTE: portions of these details were obtained from third par...
Ubuntu 5.04 : libnet-ssleay-perl vulnerability (USN-113-1)
Javier Fernandez-Sanguino Pena discovered that this library used the file /tmp/entropy as a fallback entropy source if a proper source was not set in the environment variable EGDPATH. This can potentially lead to weakened cryptographic operations if an attacker provides a /tmp/entropy file with...