Security News

CVE-2016-8516

National Vulnerability Database - Thu, 02/15/2018 - 17:29
A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
Categories: Security News

CVE-2016-8517

National Vulnerability Database - Thu, 02/15/2018 - 17:29
A cross site scripting vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
Categories: Security News

CVE-2016-8518

National Vulnerability Database - Thu, 02/15/2018 - 17:29
A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
Categories: Security News

CVE-2016-8519

National Vulnerability Database - Thu, 02/15/2018 - 17:29
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
Categories: Security News

CVE-2016-8520

National Vulnerability Database - Thu, 02/15/2018 - 17:29
HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.
Categories: Security News

CVE-2016-8521

National Vulnerability Database - Thu, 02/15/2018 - 17:29
A Remote click jacking vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.
Categories: Security News

CVE-2016-8522

National Vulnerability Database - Thu, 02/15/2018 - 17:29
A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.
Categories: Security News

CVE-2011-4973

National Vulnerability Database - Thu, 02/15/2018 - 16:29
Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.
Categories: Security News

CVE-2014-0013

National Vulnerability Database - Thu, 02/15/2018 - 16:29
Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application that contains templates whose context is set to a user-supplied primitive value and also contain the `{{this}}` special Handlebars variable.
Categories: Security News

CVE-2014-0014

National Vulnerability Database - Thu, 02/15/2018 - 16:29
Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application using the "{{group}}" Helper and a crafted payload.
Categories: Security News

CVE-2018-7173

National Vulnerability Database - Thu, 02/15/2018 - 16:29
A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.
Categories: Security News

CVE-2018-7174

National Vulnerability Database - Thu, 02/15/2018 - 16:29
An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.
Categories: Security News

CVE-2018-7175

National Vulnerability Database - Thu, 02/15/2018 - 16:29
An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.
Categories: Security News

Bugtraq: [SECURITY] [DSA 4114-1] jackson-databind security update

SecurityFocus Vulnerabilities - Thu, 02/15/2018 - 16:20
[SECURITY] [DSA 4114-1] jackson-databind security update
Categories: Security News

Bugtraq: Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

SecurityFocus Vulnerabilities - Thu, 02/15/2018 - 16:20
Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM
Categories: Security News

Bugtraq: [SECURITY] [DSA 4113-1] libvorbis security update

SecurityFocus Vulnerabilities - Thu, 02/15/2018 - 16:20
[SECURITY] [DSA 4113-1] libvorbis security update
Categories: Security News

Bugtraq: [SECURITY] [DSA 4112-1] xen security update

SecurityFocus Vulnerabilities - Thu, 02/15/2018 - 16:20
[SECURITY] [DSA 4112-1] xen security update
Categories: Security News

CVE-2018-7050

National Vulnerability Database - Thu, 02/15/2018 - 15:29
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick.
Categories: Security News

CVE-2018-7051

National Vulnerability Database - Thu, 02/15/2018 - 15:29
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings.
Categories: Security News

CVE-2018-7052

National Vulnerability Database - Thu, 02/15/2018 - 15:29
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur.
Categories: Security News

Pages