5 matches found
Remote Code Execution
git is vulnerable to Remote Code Execution (RCE). The vulnerability is due to lsfiles in lib.rb not un-escaping file paths when using eval, which allows an attacker to execute remote code...
CVE-2018-8046
The getTip method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip method of Action Column...
Oracle Linux 4 : HelixPlayer (ELSA-2010-0094)
From Red Hat Security Advisory 2010:0094 : An updated HelixPlayer package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. HelixPlayer is a media player. Multipl...
Scientific Linux Security Update : HelixPlayer on SL4.x i386/x86_64
Multiple buffer and integer overflow flaws were found in the way HelixPlayer processed Graphics Interchange Format (GIF) files. An attacker could create a specially crafted GIF file which would cause HelixPlayer to crash or, potentially, execute arbitrary code when opened. CVE-2009-4242,...
HelixPlayer security update
CentOS Errata and Security Advisory CESA-2010:0094 An updated HelixPlayer package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. HelixPlayer is a media player...