Смотрите также связанные темы 17.01.2018 CVE-2015-4958 IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive information by reading cache files.
31.01.2018 CVE-2016-1930 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
11.08.2018 Maxthon Browser < 2.0 Stack Overflow PoC Цель: Maxthon Browser версии до 2.0 Воздействие: Отказ в обслуживании
28.08.2018 NetBSD Security Advisory 2008-010: Malicious PPPoE discovery packet can overrun a kernel buffer A bug in range checking
allows a malicious packet to make the kernel access memory outside of the
allocated buffer and cause a kernel crash.
25.09.2018 CVE-2008-4247 ftpd in OpenBSD 4.3, FreeBSD 7.0, and NetBSD 4.0 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
30.12.2018 Amaya Web Browser <= 11.0.1 Remote Buffer Overflow Exploit (vista) Цель: Amaya Web Browser 11.0.1 и более ранние версии Воздействие: Выполнение произвольного кода
28.01.2018 CVE-2009-0323 Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005.
31.01.2018 SYM09-001: Symantec AppStream ActiveX Unauthorized Access Exploitation of this issue could possibly lead to unauthorized information disclosure, system information corruption or potentially allow arbitrary code execution in the context of the user’s browser.
03.02.2018 2009-02-02 - [slackware-security] xdg-utils (SSA:2009-033-01) -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1[slackware-security] xdg-utils (SSA:2009-033-01)New xdg-utils packages are available for Slackware 12.2 and -current tofix security issues. Applications that use /etc/mailcap could be trickedinto running an arbitrary script through xdg-open, and a separate flaw inxdg-open could allow the execution of arbitrary commands embedded in untrustedinput provided to xdg-open.More details about the issues may be found in the CommonVulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename...
09.04.2018 Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA AdaptiveSecurity Appliance and Cisco PIX Security AppliancesAdvisory ID: cisco-sa-20090408-asahttp://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtmlRevision 1.0For Public Release 2009 April 08 1600 UTC (GMT)Summary=======Multiple vulnerabilities exist in the Cisco ASA 5500 Series AdaptiveSecurity Appliances and Cisco PIX Security Appliances. This securityadvisory outlines the details of these vulnerabilities: * VPN Authentication Bypass when Account Override F...
|