Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject a

Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to inje

Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.

Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.

Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string esc

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the

Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename'

ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker t

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing us

tog-Pegasus has a package hash collision DoS vulnerability

cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE

cobbler: Web interface lacks CSRF protection when using Django framework

mpack 1.6 has information disclosure via eavesdropping on mails sent by other users

A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.

qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readab

Jetty 6.x through 6.1.22 suffers from an escape sequence injection vulnerability from an attack vector b

In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not proper

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a form

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged whe

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when

The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition wh

In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creat

v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow u

Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploite

In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows a

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAt-tribute, which are th

poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilitie

The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercrimin

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT

Microsoft today released updates to plug security holes in its software, including patches to fix at lea

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting go

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the

Banking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocki

Top domain name registrars NetworkSolutions.com-, Register.com and Web.com are asking customers to reset

Reporting on the exposure of some 26 million stolen credit cards leaked from a top underground cybercrim

While some enterprises appear to be getting an early jump on the security implications of 5G, many are

Photo by Nahel Abdul Hadi on Unsplash Over 90% of data breach is attributed to human error costin