73 matches found
Apple iOS Information Disclosure Vulnerability (CNVD-2016-05745)
Apple iOS is an operating system developed for mobile devices. The Web Media Safari View Controller in Apple iOS fails to properly handle user data, allowing remote attackers to exploit the vulnerability to build malicious web pages that could be parsed to obtain sensitive video URL information...
CVE-2016-4603
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...
Design/Logic Flaw
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...
CVE-2016-4603
CVE-2016-4603 affects Web Media in iOS Safari (prior to 9.3.3) where the handling of Safari View Controller allowed bypassing Private Browsing and obtaining sensitive video URL information. The Apple security content for iOS 9.3.3 describes the Web Media issue and notes it was addressed via impro...
CVE-2016-4603
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...
[SECURITY] Fedora 23 Update: struts-1.3.10-18.fc23
Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm,...
Remote Code Execution (RCE) And Information Disclosure
Actionpack is vulnerable to information disclosure and remote code execution. This vulnerability affects applications which pass user input directly into the render method in an action view controller without verification. Using this vulnerability, attackers can render files from outside the view...
Microsoft .NET Framework Model View Controller Remote Denial of Service Vulnerability
Microsoft .NET Framework is the new managed code programming model for Windows. A remote denial of service vulnerability exists in the Microsoft .NET Framework Model View Controller, which can be exploited by an attacker to cause a denial of service...
[SECURITY] Fedora 22 Update: struts-1.3.10-14.fc22
Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm,...
Important: Red Hat Security Advisory: ror40-rubygem-activerecord security update
Updated ror40-rubygem-activerecord packages that fix one security issue are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
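Apache Struts ClassLoader Manipulation Vulnerability
CVE ID: CVE-2014-0094 Struts2 is a second-generation Java enterprise web application framework based on the Model-View-Controller (MVC) model. The application allows access to the "class" parameter, which maps directly to the "getClass()" method; this can be exploited to manipulate the ClassLoader of the application server in use. 0 Apache Struts 2.x Vendor patch: Apache ----- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://struts.apache.org/release/2.3.x/docs/s2-020.html...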
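struts 2.3.14.2 Command Execution Vulnerability
The Apache Struts framework is an open source project providing a web application framework based on Java Servlets, JavaBeans and JavaServer Pages (JSP). Struts is based on the Model-View-Controller (MVC) design pattern and can be used to build complex web applications. In Apache Struts versions before 2.3.14.3 (exclusive), the fuzzy matching feature of Action names can be used to trigger a command execution attack. Struts 2.3.14.3...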
Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. o Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerability Software : Broadcast Machine version 0.1 Vendor :...