NixOS 17.03 and earlier has an unintended default absence of SSL Certificate Validation for LDAP. The users.ldap NixOS module implements user authentication against LDAP servers via a PAM module. It was found that if TLS is...
Read MoreTechnicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with “GET /../” on TCP port 4321.
Read MorePHPMailer 5.2.23 has XSS in the “From Email Address” and “To Email Address” fields of code_generator.php.
Read MoreAn issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the “WebKit” component. It allows remote...
Read MoreAn issue was discovered in certain Apple products. iOS before 10.3.3 is affected. The issue involves the “EventKitUI” component. It allows remote attackers to cause a denial of service (resource consumption and...
Read More