Exploit the possiblities
Showing 1 - 25 of 211 RSS Feed

Files

Gentoo Linux Security Advisory 201512-13
Posted Dec 31, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-13 - Multiple vulnerabilities have been found in InspIRCd, the worst allowing remote attackers to execute arbitrary code. Versions less than 2.0.20 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6697, CVE-2015-6674, CVE-2015-8702
MD5 | edb3e701a807824fb1c32c18c5461351
Gentoo Linux Security Advisory 201512-12
Posted Dec 31, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-12 - Data validation in KDE Systemsettings could lead to local privilege escalation. Versions less than 4.11.13-r1 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2014-8651
MD5 | 5dda7fc49cadeab85d0a3f645e06c3c1
Gentoo Linux Security Advisory 201512-11
Posted Dec 31, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-11 - A buffer overflow in Firebird might allow remote attackers to execute arbitrary code. Versions less than 2.5.3.26780.0-r3 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2013-2492
MD5 | 153a07d7da19693cc2c87073ebb7597f
Ganeti Leaked Secret / Denial Of Service
Posted Dec 31, 2015
Authored by Open Source CERT, Daniele Bianco

Ganeti, an open source virtualization manager, suffers from multiple issues in its RESTful control interface (RAPI). The distributed replicated storage (DRBD) secret is leaked by the RAPI interface when job results are requested. Leveraging on the knowledge of this secret, a malicious user who had already gained access to the storage network of the cluster can retrieve instance data more easily and reliably. The RAPI interface is also vulnerable to a denial of service condition, triggered via SSL parameter renegotiation issued by a malicious client. The condition leads to resource exhaustion on the master node. Many versions are affected.

tags | advisory, denial of service
advisories | CVE-2015-7944, CVE-2015-7945
MD5 | cf40eb20cfed9c8df94e59272faa5c8c
Gentoo Linux Security Advisory 201512-10
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-10 - Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. Versions less than 38.5.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0798, CVE-2015-0799, CVE-2015-0801, CVE-2015-0802, CVE-2015-0803, CVE-2015-0804, CVE-2015-0805, CVE-2015-0806, CVE-2015-0807, CVE-2015-0808, CVE-2015-0810, CVE-2015-0811, CVE-2015-0812, CVE-2015-0813, CVE-2015-0814, CVE-2015-0815, CVE-2015-0816, CVE-2015-2706, CVE-2015-2721, CVE-2015-2722, CVE-2015-2724, CVE-2015-2725, CVE-2015-2726, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2730, CVE-2015-2731
MD5 | 5a2f23b04bc19cb5b4340595d101640e
Gentoo Linux Security Advisory 201512-09
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-9 - Multiple vulnerabilities have been found in encfs, the worst of which can allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.7.5 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3462
MD5 | 50540635f49365e6d66bee186c095d50
Gentoo Linux Security Advisory 201512-08
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-8 - Multiple vulnerabilities have been found in ClamAV, possibly resulting in Denial of Service. Versions less than 0.98.7 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9328, CVE-2015-1461, CVE-2015-1462, CVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, CVE-2015-2668
MD5 | cc05abba23f7e13c157907311cba5eb9
Gentoo Linux Security Advisory 201512-07
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-7 - A buffer overflow in GStreamer could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.5 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2015-0797
MD5 | ce07f97161ef32025fcacc96db1063ff
Gentoo Linux Security Advisory 201512-06
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-6 - A buffer overflow vulnerability in MPFR could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 3.1.3_p4 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2014-9474
MD5 | 0b1157aa1b85f05b7774a5da54542858
Red Hat Security Advisory 2015-2697-01
Posted Dec 29, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2697-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651
MD5 | 9ba4bdd9a7c2d5c79c6acecb99ec23bd
WebKitGTK+ 2.x Use-After-Free / DoS / Code Execution
Posted Dec 28, 2015
Authored by WebKitGTK+ Team

Various 2.x releases of WebKitGTK+ suffer from over 130 vulnerabilities. These range from use-after-free to arbitrary code execution issues.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2013-6663, CVE-2014-1748, CVE-2014-3192, CVE-2014-4409, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4452, CVE-2014-4459, CVE-2014-4465, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475, CVE-2014-4476, CVE-2014-4477, CVE-2014-4479, CVE-2015-1068, CVE-2015-1069, CVE-2015-1070, CVE-2015-1071
MD5 | ba603f11beba8793a166702048b873c2
libtiff 4.0.6 Heap Overflow
Posted Dec 28, 2015
Authored by riusksk

libtiff versions 4.0.6 and below suffer from a heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2015-8668
MD5 | 902e48651c2cb404ea2a29567ba1672a
libtiff 4.0.6 Invalid Write
Posted Dec 27, 2015
Authored by Hans Jerry Illikainen

_TIFFVGetField() in libtiff version 4.0.6 may write field data for certain extension tags to invalid or possibly arbitrary memory locations.

tags | advisory, arbitrary
advisories | CVE-2015-7554
MD5 | 9df1198f8ca6ed0f042d0af9ca110922
Slackware Security Advisory - blueman Updates
Posted Dec 24, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New blueman packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-8612
MD5 | f9d06d8f8810448bb90f81e03869b47e
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Dec 24, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 610e160a9e53a1fba824c9d02a8e5684
Debian Security Advisory 3430-1
Posted Dec 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3430-1 - Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or crash the application.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317
MD5 | f3330857d7aa33d52f06af280e8fcc7b
WordPress NextGEN Gallery 2.1.10 Shell Upload
Posted Dec 23, 2015
Authored by CSW Research Lab

WordPress NextGEN Gallery plugin version 2.1.10 suffers from a remote shell upload vulnerability.

tags | advisory, remote, shell, file upload
MD5 | d1d6f2b7a68ea003664f05d4a9eb51be
Bugzilla Cross Site Scripting / Information Leak
Posted Dec 23, 2015
Authored by Mario Gomes, Holger Fuhrmannek | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 2.x through 5.x suffer from cross site scripting and information leak vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2015-8508, CVE-2015-8509
MD5 | 4b370ab90ed098afb6adf4d57fc85268
EMC Secure Remote Services Virtual Edition Path Traversal
Posted Dec 23, 2015
Site emc.com

EMC Secure Remote Services Virtual Edition is affected by a path traversal vulnerability. Attackers could potentially exploit this vulnerability to access unauthorized information by supplying specially crafted strings in input parameters of the application. Version 3.0x is affected.

tags | advisory, remote
advisories | CVE-2015-6852
MD5 | 5a28d742a9a3db6040cd22d59ab2f030
F-Secure F-SecureOnlineScanner.exe DLL Hijacking
Posted Dec 23, 2015
Authored by Stefan Kanthak

F-Secure's F-SecureOnlineScanner.exe suffers from a DLL hijacking vulnerability.

tags | advisory
systems | windows
MD5 | d41ce47bebdd3480e3f92e9e070ac3ec
EMC VPLEX Undocumented Account
Posted Dec 22, 2015
Site emc.com

EMC VPLEX GeoSynchrony code level 5.5 and earlier contains an undocumented account that may potentially be utilized by malicious VPLEX users to gain unauthorized access to the system.

tags | advisory
advisories | CVE-2015-6850
MD5 | c87d08bb3d8eb04d6a5f3e59c025561e
giflib 5.1.1 Heap Overflow
Posted Dec 22, 2015
Authored by Hans Jerry Illikainen

A heap overflow may occur in the giffix utility included in giflib-5.1.1 when processing records of the type IMAGE_DESC_RECORD_TYPE due to the allocated size of LineBuffer equaling the value of the logical screen width, GifFileIn->SWidth, while subsequently having GifFileIn->Image.Width bytes of data written to it.

tags | advisory, overflow
advisories | CVE-2015-7555
MD5 | d56648519cdde09ae45f0e4377a504dd
Red Hat Security Advisory 2015-2696-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2696-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
MD5 | 16130d3937263c90873cfcc3039a917c
Red Hat Security Advisory 2015-2695-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2695-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
MD5 | 6a9a23d8a35299b764d366e01c737292
Red Hat Security Advisory 2015-2694-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2694-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
MD5 | 1c77d985f775a514e879dd8bc403940b
Page 1 of 9
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
German Hacker Offers Rare Look Inside Secretive World Of Julian Assange, WikiLeaks
Posted Jan 18, 2018

tags | headline, hacker, government, britain, data loss, germany
Google Intros Security Center Tool For G Suite
Posted Jan 18, 2018

tags | headline, google
Ex-Santander Bank Manager Pleads Guilty To Computer Misuse Crimes
Posted Jan 18, 2018

tags | headline, privacy, bank, data loss, fraud
BIND Comes Apart Thanks To Ancient Denial Of Service Vuln
Posted Jan 17, 2018

tags | headline, dns, denial of service, flaw
Another Round Of Click-Fraud Extensions Pulled From Chrome Store
Posted Jan 17, 2018

tags | headline, malware, phone, google
Satori Botnet Successor Targets Ethereum Mining Rigs
Posted Jan 17, 2018

tags | headline, malware, bank, botnet, fraud
Flaw In VR Porn App Leaves 20,000 Names Exposed
Posted Jan 17, 2018

tags | headline, privacy, flaw
After False Hawaii Missile Notice, FCC Launches Investigation
Posted Jan 15, 2018

tags | headline, government, usa, cyberwar
MaMi Malware Targets Mac OS X DNS Settings
Posted Jan 15, 2018

tags | headline, malware, dns, fraud, apple
Meltdown-Spectre Patches Causing Issues With Industrial Companies
Posted Jan 15, 2018

tags | headline, flaw, patch, scada, intel
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close