CVE-2015-5489
The Drupal Smart Trim module (7.x-1.x) is affected by an XSS vulnerability in versions prior to 7.x-1.5 due to insufficient input filtering in the field settings form. This allows remote authenticated users with certain permissions to inject arbitrary script/HTML. Impact is partial integrity loss...
CVE-2015-5489
Cross-site scripting (XSS) vulnerability in the Smart Trim module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors involving the field settings form...
Updated kernel-tmb packages fix security vulnerabilities and bugs
Updated kernel-tmb fixes security, critical data corruption and data loss issues. This kernel-tmb update is based on upstream -longterm 3.14.43 and fixes a security issue, and critical data corruption and data loss issues: drivers/vhost/scsi.c: potential memory corruption (CVE-2015-4036) ext4...
Drupal Smart Trim Module Cross-Site Scripting Vulnerability
Drupal is a free and open source content management system developed in PHP. Smart Trim is a module for Drupal. The Smart Trim module contains a cross-site scripting vulnerability in its field settings form, allowing remote attackers to exploit the...
Smart Trim - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-102
This module implements a new field formatter for textfields (text, text_long, and text_with_summary, if you want to get technical) that improves upon the "Summary or Trimmed" formatter built into Drupal 7. The module doesn't sufficiently filter user input via the field settings form. This vulnerabilit...
MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22900/info MySQL is prone to a remote denial-of-service vulnerability because it fails to handle certain select statements to database metadata. An attacker can exploit this issue to crash the application, denying access ...
Localize: Full Path Disclosure (FPD) in www.localize.im
Hi, I found an information disclosure vulnerability/Full Path Disclosure on your application. Proof of Concept ------------------------- GET : https://www.localize.im/projects/projiect ID/languages/Language ID POST CONTENT:...
Localize: Path Disclosure (Info Disclosure) in http://www.localize.io
Hello, I found an information disclosure vulnerability. How to reproduce: GET : http://www.localize.io/ POST : signinusername=test&signinpassword=test The info from page is Warning: trim expects parameter 1 to be string, array given in...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2038-1)
An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive...
Ubuntu: Security Advisory (USN-2038-1)
The remote host is missing an update for the...
Ubuntu Update for linux-lts-quantal USN-1947-1
Check for the Version of linux-lts-quantal
Ubuntu Update for linux-ti-omap4 USN-1945-1
Check for the Version of linux-ti-omap4
Ubuntu Update for linux USN-1944-1
Check for the Version of linux
Ubuntu: Security Advisory (USN-1944-1)
The remote host is missing an update for the...
Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1947-1)
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374) A denial of service flaw was discovered in the Btrfs file system in...
Ubuntu 12.10 : linux vulnerabilities (USN-1944-1)
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374) A denial of service flaw was discovered in the Btrfs file system in...
USN-1945-1: Linux kernel (OMAP4) vulnerabilities
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374) A denial of service flaw was discovered in the Btrfs file system in...
USN-1944-1: Linux kernel vulnerabilities
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374) A denial of service flaw was discovered in the Btrfs file system in...
USN-1938-1: Linux kernel vulnerabilities
Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows specified commands to be run as root. A local user could exploit this flaw to run commands as root when using the perf tool. (CVE-2013-1060) A flaw was discovered in the Xen subsystem of the Linux kernel when it...
PHP 5.2.x, 5.3.x trim, ltrim, rtrim, substr_replace Functions Information Disclosure Vulnerability
No description provided by source...