Astra Linux - уязвимость в ansible

Ansible-playbook -k and Ansible CLI tools, all versions up to 2.8.4; all versions of 2.7.x up to 2.7.13; and all versions of 2.6.x up to 2.6.19. Prompt passwords should be expanded from templates, as these templates may contain special characters. Passwords should be wrapped to prevent triggering...

MailPoet Newsletters 2.6.19 Cross Site Scripting

A cross site scripting vulnerability exists in MailPoet Newsletters WordPress Plugin version 2.6.19. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

WordPress Brizy plugin <= 2.7.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Brizy versions = 2.7.7...

JVN#88385716: HAProxy vulnerable to HTTP request/response smuggling

HAProxy HTTP/3 implementation contains an issue on accepting malformed HTTP headers. When a request including malformed HTTP headers is forwarded to a HTTP/1.1 non-compliant back-end server, it is exploited to conduct an HTTP request/response smuggling attack CWE-444. Impact A remote attacker may...

[SECURITY] Fedora 16 Update: ecryptfs-utils-99-1.fc16

eCryptfs is a stacked cryptographic filesystem that ships in Linux kernel versions 2.6.19 and above. This package provides the mount helper and supporting libraries to perform key management and mount functions. Install ecryptfs-utils if you would like to mount eCryptfs...

Linux Kernel &lt; 2.6.19 udp_sendmsg Local Root Exploit (x86/x64)

No description provided by source. / second verse, same as the first CVE-2009-2698 udpsendmsg, x86/x64 Cheers to Julien/Tavis for the bug, p0c73n1 for just throwing code at NULL and finding it executed This exploit is a bit more nuanced and thoughtful ; use ./therebel.sh for everything At this...