CVE-2016-4554
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crated HTTP Host header, aka a "header smuggling" issue.
Source: CVE-2016-4554
[월:] 2016년 05월
CVE-2016-4553
CVE-2016-4553
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
Source: CVE-2016-4553
CVE-2016-4350
CVE-2016-4350
Multiple SQL injection vulnerabilities in the Web Services web server in SolarWinds Storage Resource Monitor (SRM) Profiler (formerly Storage Manager (STM)) before 6.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) ScriptSchedule parameter in the ScriptServlet servlet; the (2) winEventId or (3) winEventLog parameter in the WindowsEventLogsServlet servlet; the (4) processOS parameter in the ProcessesServlet servlet; the (5) group, (6) groupName, or (7) clientName parameter in the BackupExceptionsServlet servlet; the (8) valDB or (9) valFS parameter in the BackupAssociationServlet servlet; the (10) orderBy or (11) orderDir parameter in the HostStorageServlet servlet; the (12) fileName, (13) sortField, or (14) sortDirection parameter in the DuplicateFilesServlet servlet; the (15) orderFld or (16) orderDir parameter in the QuantumMonitorServlet servlet; the (17) exitCode parameter in the NbuErrorMessageServlet servlet; the (18) udfName, (19) displayName, (20) udfDescription, (21) udfDataValue, (22) udfSectionName, or (23) udfId parameter in the UserDefinedFieldConfigServlet servlet; the (24) sortField or (25) sortDirection parameter in the XiotechMonitorServlet servlet; the (26) sortField or (27) sortDirection parameter in the BexDriveUsageSummaryServlet servlet; the (28) state parameter in the ScriptServlet servlet; the (29) assignedNames parameter in the FileActionAssignmentServlet servlet; the (30) winEventSource parameter in the WindowsEventLogsServlet servlet; or the (31) name, (32) ipOne, (33) ipTwo, or (34) ipThree parameter in the XiotechMonitorServlet servlet.
Source: CVE-2016-4350
CVE-2016-3105 (debian_linux, mercurial)
CVE-2016-3105 (debian_linux, mercurial)
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name.
CVE-2016-3105
CVE-2016-3105
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name.
Source: CVE-2016-3105
CVE-2015-5208 (cordova)
CVE-2015-5208 (cordova)
Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.
Source: CVE-2015-5208 (cordova)
CVE-2015-5208
CVE-2015-5208
Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.
Source: CVE-2015-5208
CVE-2015-5207
CVE-2015-5207
Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods.
Source: CVE-2015-5207
CVE-2016-4477 (android)
CVE-2016-4477 (android)
wpa_supplicant 0.4.0 through 2.5 does not reject n and r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.
Source: CVE-2016-4477 (android)
CVE-2016-4477
CVE-2016-4477
wpa_supplicant 0.4.0 through 2.5 does not reject n and r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.
Source: CVE-2016-4477