Ubuntu Security Notice 3504-1 - Wei Lei discovered that libxml2 incorrectly handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
2d7133902f073433cd35586f29033e49d7a38a7defd8701eaf17ac23e034f979Ubuntu Security Notice 3504-2 - USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. Various other issues were also addressed.
550891e209d1dfc899c955eda46fc3dcf88795f550d0ab9e7aba26c3842b2c2dRed Hat Security Advisory 2017-3384-01 - Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille. Security Fix: A missing fix for one stack-based buffer overflow in findTable() for CVE-2014-8184 was discovered. An attacker could cause denial of service or potentially allow arbitrary code execution.
1a0bf6f98741008508a385c3309778f12866e75fa61c2f513f8dc753f48b212aWordPress Smart Marketing SMS and Newsletters Forms plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
a05b059e1de95d32d822c5f6bc6f1883f623d572f53d12dac27bca4c0cea3a39VirtualBox suffers from a remote code execution vulnerability due to downloading updates over HTTP.
dc6c5ec2366eb6166eb7b5ba27a41e8273d90373aa4c3f39b97e8ab9e3cbe815Claymore's Dual ETH + DCR/SC/LBC/PASC GPU Miner versions 10.1 and below suffer from a stack buffer overflow vulnerability.
a59d636515be6ca89561ff29721505d9bf3a28ea5e4eba109fda29df19bd00e5WordPress WP Mailster plugin version 1.5.4.0 suffers from a persistent cross site scripting vulnerability.
37fa64bfee610bf9b21e5b9f49bb10c5b002d32d4802946a042e53f6bb33e301BSides SF is soliciting papers and presentations for the 2018 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco April 15th through the 16th, 2018.
3309bfd7427077510f3a8daea523b692cd1993d1c7857abb7c2cd0eecefe4fb4WordPress Z-URL Preview plugin version 1.6.1 suffers from a persistent cross site scripting vulnerability.
f085060078b1cd385017021bff5914dfed6f195967a9ca5d623b710fde2558a8WordPress Super Simple Custom CSS plugin version 1.2 suffers from a persistent cross site scripting vulnerability.
b18fda0d1738e55af004cf075d75ccc6cfcc510a0ea9658ca2a4c9ca0e6e854aWordPress 3rd-Party Inject Results plugin version 0.2 suffers from a persistent cross site scripting vulnerability.
89409319c0ee73580c4df3126a2c104b6729c995fbe75a9c71fa8917a8a6ef66Chakra suffers from a CFG bypass by overwriting JavaScript bytecode.
daeedb6b41591772a884afa12e566a242f6e1b0d3ee1312f4e2dfdeff93e89ebCharka suffers from a CFG bypass due to a bug in ServerFreeAllocation.
3d19e7cbedb472d2428edd6222fbd45a4c7b0fc67382167d792c513a4d2719d5Chakra suffers from a CFG bypass with leafInterpreterFrame. Every JavaScript variable in Chakra (except a tagged int) is a pointer. From this pointer, using an arbitrary read, it is possible to follow a chain of pointers and end up with a pointer to the native stack. This allows disclosing the stack location and subsequently overwriting a return address on the stack leading to CFG bypass.
e0fbcd6d6c6068eeac50241aac0d32bd46ce7a53f66113cb469ea260e17d8537Arq Backup versions 5.9.7 and below suffer from a local root privilege escalation vulnerability.
0e161c5efdf746f9724868c34a011bbcdcfdd5de616bd01f8cdaf98ec4ded091
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed