CVE-2016-10149 (debian_linux, pysaml2)
XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.
Read MoreAuthor: Fortify Security Team
CVE-2017-5869 (nuxeo)
Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a .. (dot dot) in the X-File-Name header.
Read MoreCVE-2017-6087 (eonweb)
EyesOfNetwork (“EON”) 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown...
Read MoreCVE-2015-8556 (qemu)
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
Read MoreCVE-2016-10128 (libgit2)
Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted...
Read More