Multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a…
Sam Wheating discovered that python-git, a Python library to interact with Git repositories, is vulnerable to shell injection due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command.…
Multiple security issues were discovered in renderdoc, a stand-alone graphics debugging tool, which potentially allow a remote attacker to execute arbitrary code.…
It was discovered that there was a potential denial of service attack in Django, the popular Python-based web development framework. EmailValidator and URLValidator were subject to potential regular…
It was discovered that there was a potential denial of service (DoS) in bind9, the popular Domain Name Server (DNS) server. Shoham Danino, Anat Bremler-Barr, Yehuda Afek and Yuval Shavitt…
Open Redirect vulnerabilities were found in libapache2-mod-auth-openidc, an OpenID Connect Relying Party implementation for Apache, which could lead to information disclosure via phishing attacks.…
Quadratic runtime with malformed PDFs missing xref marker has been fixed in PyPDF2, a pure Python PDF library. For Debian 10 buster, this problem has been fixed in version…
Issues were discovered in Lemonldap::NG, an OpenID-Connect, CAS and SAML compatible Web-SSO system, which could lead to impersonation of users with a second factor authentication.…
Multiple vulnerabilities were fixed in php-dompdf, a CSS 2.1 compliant HTML to PDF converter, written in PHP. CVE-2021-3838…
It was discovered that there was an issue in ruby-doorkeeper, an OAuth2 provider for Ruby on Rails applications. Doorkeeper automatically processed authorization requests without user consent for public clients that have been previously approved, but public…
Multiple security vulnerabilities were found in symfony, a PHP framework for web and console applications and a set of reusable PHP components, which could lead to information disclosure or impersonation.…
Multiple vulnerabilities have been found in yajl, a JSON parser / small validating JSON generator written in ANSI C, which potentially can cause memory corruption or DoS.…
A Client Authentication Bypass vulnerability has been discovered in the concurrent, real-time, distributed functional language Erlang. Impacted are those who are running an ssl/tls/dtls server using the ssl application either directly or indirectly via other applications. Note that the…
A security issue was discovered in MediaWiki, a website engine for collaborative work, which could result in information disclosure when SQLite files are created within a data directory that has weak permissions.…
Kokorin Vsevolod discovered a Prototype Pollution vulnerability in node-tough-cookie, an RFC6265 Cookies and Cookie Jar library for node.js. The issue is due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode.…
A potential Cross Site Scripting (XSS) vulnerability (CVE-2022-36180) and session handling vulnerability (CVE-2022-36179) have been found in fusiondirectory, a Web Based LDAP Administration Program.…
The source package ocsinventory-server, a hardware and software inventory tool, has been updated to address the API change in php-cas due to CVE-2022-39369, see DLA 3485-1 for details.…
A vulnerability has been found in phpCAS, a Central Authentication Service client library in PHP, which may allow an attacker to gain access to a victim's account on a vulnerable CASified service without the victim's knowledge, when the victim visits attacker's…
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.…