SAP MII versions 12.2, 14.0, and 15.0 allow Base64 and DES as an encryption algorithm.
8d8406e9a99282c000153684f4edfedc8fa3af9e5227108e35ed09b9acca615eRVAsec is a Richmond, VA based security convention that brings top industry speakers to the mid-Atlantic region. In its fourth year, RVAsec 2015 attracted nearly 400 security professionals from across the country. For 2016, the conference is a two day and dual-track format, with a mixed focus on technical and management/business presentations. It will be held June 2nd through the 3rd, 2016, in Richmond, VA, USA.
c3aec37d2495faee2eb34edaf1dd2ddaa96337b62b186072d7d1887acf14c381Xymon 4.3.x versions suffers from buffer overflow, information disclosure, code execution, cross site scripting, and various other vulnerabilities.
e26ecbaeb5a8840288e97c4167e8412a009bb41ab790f296521530e68cf80840Ubuntu Security Notice 2896-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that Libgcrypt was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys.
675eb78b537992ffb286496ea0c991eedfce2ffb721ea85ad463ea0773973994Ubuntu Security Notice 2898-2 - It was discovered that Eye of GNOME incorrectly handled certain large images. If a user were tricked into opening a specially-crafted image, a remote attacker could use this issue to cause Eye of GNOME to crash, resulting in a denial of service, or possibly execute arbitrary code.
d08205dc2ebc5b5d0acc98b9b396c64c4040b295948c048a0bcc6bfbda2d6eecUbuntu Security Notice 2897-1 - Hanno Boeck discovered that Nettle incorrectly handled carry propagation in the NIST P-256 elliptic curve. Hanno Boeck discovered that Nettle incorrectly handled carry propagation in the NIST P-384 elliptic curve. Niels Moeller discovered that Nettle incorrectly handled carry propagation in the NIST P-256 elliptic curve. Various other issues were also addressed.
df7a203efaf3488a14da93462980f6902abd64fb32d7d4bc26d5c1a3d30ca9c4Ubuntu Security Notice 2898-1 - It was discovered that GTK+ incorrectly handled certain large images. A remote attacker could use this issue to cause GTK+ applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
550c27a6896eb88baddf3477beb41c1a22bc5263d376fb87b73311b3751cd3b7Red Hat Security Advisory 2016-0174-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. A stored cross-site scripting flaw was found in the smart class parameters/variables field. By sending a specially crafted request to Satellite, a remote, authenticated attacker could embed HTML content into the stored data, allowing them to inject malicious content into the web page that is used to view that data.
bdaf1fecf6f3ad8cb6269b3d5e444878cea3b64aebc3ccb2a48bd29873d42192JMX2 Email Tester suffers from a remote shell upload vulnerability.
c5beb689ef152522477a94f69f6708265474b265a0117096b5ed91472485eb5fDebian Linux Security Advisory 3476-1 - Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system.
e73ad2b93e7cda4e6c8fb29e8d30d337da00ecc73515256d73412e6cb68c8603Debian Linux Security Advisory 3475-1 - Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system.
97224b1e0460c8281f126771bca871f95993eaf9c127de0f00c7d502dbf4b8e1Debian Linux Security Advisory 3474-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt20 library could be leaked via a side-channel attack.
4b3c6cec624729feb1385097c768b19210a88ed628f32462d7b492304d08587fDebian Linux Security Advisory 3477-1 - Holger Fuhrmannek discovered that missing input sanitising in the Graphite font rendering engine could result in the execution of arbitrary code.
f8fcce3447a12964a1c43791e3575e4eace08da6d78d9e251dbdcc8024254b2bNetwork Scanner version 4.0.0.0 SEH crash proof of concept exploit.
4a85052f96081bf9094ec2c460c6af059871b951132359ba2febd25ad1b7999bTiny Tiny RSS suffers from a remote blind SQL injection vulnerability.
234ab4e2f028e31495353f74411342081e06baeaa0ecb8070c1e52a9482835b8Algobox versions 0.9 and below suffer from a DLL hijacking vulnerability.
f5ddc3f29cab443e1ffeeea000be3a28cf0a59e83227d90a6ce5d7891f9179ddGold Movies version 1.0.2 suffers from a remote SQL injection vulnerability.
c7dd009d51bd854b968874d4714936366ce677e1834aaec027b7770d2b06367b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed