opensuse opensuse 12.3 vulnerabilities and exploits

(subscribe to this query)

plugins/rssyl/feed.c in Claws Mail prior to 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote malicious users to spoof servers and conduct man-in-the-middle (MITM) attacks.

Claws-mail Claws-mail Opensuse Opensuse 12.3 Opensuse Opensuse 13.1

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote malicious users to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read.

Miniupnp Project Miniupnp 1.9 Opensuse Opensuse 12.3 Opensuse Opensuse 13.1

The mod_security2 module prior to 2.7.0 for the Apache HTTP Server allows remote malicious users to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.

Trustwave Modsecurity Opensuse Opensuse 11.4 Opensuse Opensuse 12.2 Opensuse Opensuse 12.3 Fedoraproject Fedora 18

1 EDB exploit

A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM before 3.2.4, 3.1.8, and 3.0.7 and FAQ before 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.

Otrs Faq Otrs Otrs Itsm Opensuse Opensuse 12.2 Opensuse Opensuse 12.3

1 EDB exploit

Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x prior to 3.2.15 allow remote malicious users to cause a denial of service via a crafted e-mail address that is improperly handled during constru...

Rubyonrails Rails Opensuse Opensuse 12.3 Opensuse Opensuse 12.2 Opensuse Opensuse 13.1 Debian Debian Linux 7.0

The PEAR_REST class in REST.php in PEAR in PHP up to and including 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.

Php Php Oracle Solaris 11.2 Opensuse Evergreen 11.4 Opensuse Opensuse 12.3 Opensuse Opensuse 13.1

The compat_sys_recvmmsg function in net/compat.c in the Linux kernel prior to 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.

Linux Linux Kernel Opensuse Opensuse 12.3

4 EDB exploits4 Github repositories

Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox prior to 30.0 allows remote malicious users to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.

Opensuse Project Opensuse 12.3 Opensuse Opensuse 13.1 Mozilla Firefox Oracle Solaris 11.3

The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.10.7, when multiple realms are configured, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted r...

Mit Kerberos 5 Debian Debian Linux 7.0 Opensuse Opensuse 11.4 Opensuse Opensuse 12.2 Opensuse Opensuse 12.3 Opensuse Opensuse 13.1

Multiple off-by-one errors in Icinga, possibly 1.10.2 and previous versions, allow remote malicious users to cause a denial of service (crash) via unspecified vectors to the (1) display_nav_table, (2) print_export_link, (3) page_num_selector, or (4) page_limit_selector function i...

Opensuse Opensuse 12.3 Icinga Icinga Icinga Icinga 1.10.1 Icinga Icinga 1.10.0 Opensuse Opensuse 13.1

« PREV 1 2 3 4 5 6 7 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook