There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result...
Read MoreGeniXCMS 1.0.2 has XSS triggered by a comment that is mishandled during a publish operation by an administrator, as demonstrated by a malformed P element.
Read MoreEMC Data Domain OS 5.2 through 5.7 before 5.7.3.0 and 6.0 before 6.0.1.0 is affected by a privilege escalation vulnerability that may potentially be exploited by attackers to compromise the affected system.
Read MoreWordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for user-assisted remote attackers to reset arbitrary passwords by making a crafted...
Read Morerpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a...
Read More