Twenty Year Anniversary
Showing 1 - 25 of 157 RSS Feed

Files

Gentoo Linux Security Advisory 201607-17
Posted Jul 29, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201607-17 - BeanShell is vulnerable to the remote execution of arbitrary code via Java serialization or XStream from an untrusted source. Versions less than 2.0_beta6 are affected.

tags | advisory, java, remote, arbitrary
systems | linux, gentoo
MD5 | 23f542a382e590d4cac84010c6e705e7
Debian Security Advisory 3635-1
Posted Jul 29, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3635-1 - Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl DBI driver for the MySQL database server. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using DBD::mysql (application crash), or potentially to execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, arbitrary, perl, vulnerability
systems | linux, debian
advisories | CVE-2014-9906, CVE-2015-8949
MD5 | 33c26c77e3467008c0dcf4e21badd253
Kaspersky Safe Browser Man-In-The-Middle
Posted Jul 29, 2016
Authored by David Coomber

Kaspersky Safe Browser suffers from a man-in-the-middle vulnerability.

tags | advisory
advisories | CVE-2016-6231
MD5 | c560a316f015bf550738b9123c203979
Microsoft Wireless Desktop 2000 Insufficent Verification / Mouse Spoofing
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Microsoft Wireless Desktop 2000 suffers from insufficient verification of data authenticity and mouse spoofing vulnerabilities.

tags | advisory, spoof, vulnerability
MD5 | b73986f6554a8d1cc61cf81fe43805d5
Perixx Computer PERIDUO-710W Keystroke Injection
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Perixx Computer PERIDUO-710W suffers from cryptographic issues and keystroke injection vulnerabilities.

tags | advisory, vulnerability
MD5 | d7c52d85bb5b49cc8ba2df7470e40e92
Perixx Computer PERIDUO-710W Crypto Issues / Replay Attacks
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Perixx Computer PERIDUO-710W suffers from cryptographic issues and replay attack vulnerabilities.

tags | advisory, vulnerability
MD5 | 5be987af40b71d5a2d3ad6e4b4b03329
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Keystroke Injection
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and keystroke injection vulnerabilities.

tags | advisory, vulnerability
MD5 | 9d35173008df1e662621e74e12145316
Intel Crosswalk Project Man-In-The-Middle
Posted Jul 29, 2016
Site wwws.nightwatchcybersecurity.com

The Intel Crosswalk Project library for cross-platform mobile development did not properly handle SSL errors. This behavior could subject applications developed using this library to SSL MITM attacks.

tags | advisory
advisories | CVE-2016-5672
MD5 | 96bee80375033730cb0a1ef3f89f1521
Debian Security Advisory 3633-1
Posted Jul 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3633-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-8338, CVE-2016-4480, CVE-2016-4962, CVE-2016-5242, CVE-2016-6258
MD5 | 2859d980e9dfa66f578671f534f642b0
Avaya VOSS 4.1.0.0 SPB Traffic Traversal
Posted Jul 28, 2016
Authored by Jason Ostrom, Samuel Neves, Salim Neino

Avaya Fabric Connect VSP, under specific conditions, can accept and process specially crafted and spoofed Ethernet frames, which can lead to unauthorized access to devices intended to be secured from untrusted traffic sources. The vulnerability is caused by mishandling VLAN and I-SID indexes within the Fabric infrastructure. Version 4.1.0.0 is affected.

tags | advisory, spoof, file inclusion
advisories | CVE-2016-2783
MD5 | f02096b50e622203bb163b74fe089702
Red Hat Security Advisory 2016-1519-01
Posted Jul 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1519-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.6 release serves as a replacement for JBoss Operations Network 3.3.5, and includes several bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5220, CVE-2016-0800, CVE-2016-3737
MD5 | 1294e33323c878f03c6dbf78f49675b5
Debian Security Advisory 3632-1
Posted Jul 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3632-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.26. Please see the MariaDB 10.0 Release Notes for further details.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-3477, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440
MD5 | 6a63d41b2221e53bba10d6c102449b58
Ubuntu Security Notice USN-3043-1
Posted Jul 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3043-1 - Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this to expose sensitive data over the network or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3587, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610
MD5 | ec4c1a77bea8adc7b6a490c82da87ee1
Debian Security Advisory 3631-1
Posted Jul 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3631-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability
systems | linux, debian
advisories | CVE-2016-5385, CVE-2016-5399, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297
MD5 | 2328ec58e388adf57c5e7375ca33a47f
Debian Security Advisory 3630-1
Posted Jul 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3630-1 - Secunia Research at Flexera Software discovered an integer overflow vulnerability within the _gdContributionsAlloc() function in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of this flaw to cause a denial-of-service against an application using the libgd2 library.

tags | advisory, remote, overflow
systems | linux, debian
advisories | CVE-2016-6207
MD5 | cf36a8a9c85fd78e1e7d5b1332553751
HP Security Bulletin HPSBST03603 1
Posted Jul 27, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03603 1 - HPE StoreVirtual products running LeftHand OS has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). This vulnerability could be remotely exploited to cause Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.

tags | advisory, denial of service, overflow, arbitrary
advisories | CVE-2015-7547
MD5 | 012229a5df8c1c0e82d0f792a61ab8b0
Red Hat Security Advisory 2016-1504-01
Posted Jul 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1504-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610
MD5 | 870735457f0f89ea51732b294c9f1c7a
Ubuntu Security Notice USN-3042-1
Posted Jul 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3042-1 - Andreas Cord-Landwehr discovered that KDE-Libs incorrectly handled extracting certain archives. If a user were tricked into extracting a specially-crafted archive, a remote attacker could use this issue to overwrite arbitrary files out of the extraction directory.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-6232
MD5 | 969fa9eac2718cb537be2404033e0c6b
Red Hat Security Advisory 2016-1489-01
Posted Jul 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1489-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-4565
MD5 | f5eaa76a3c2e7438652e25ce7f90e49d
Debian Security Advisory 3629-1
Posted Jul 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3629-1 - Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2015-7974, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518
MD5 | b8690cb4b41c7112666bc70d64edeead
Bamboo Deserialization Issue
Posted Jul 26, 2016
Authored by David Black, Moritz Bechler

This advisory discloses a critical severity security vulnerability which was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.11.4.1 (the fixed version for 5.11.x) and from 5.12.0 before 5.12.3.1 (the fixed version for 5.12.x) are affected by this vulnerability.

tags | advisory
advisories | CVE-2016-5229
MD5 | 22f79e542f62355e4c2c0534dfa98069
Red Hat Security Advisory 2016-1487-01
Posted Jul 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1487-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2119
MD5 | 13985a01ba457254943f202aa225d9c7
Red Hat Security Advisory 2016-1486-01
Posted Jul 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1486-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2119
MD5 | 79725d74233e0c186184fc379c5f8f9a
Red Hat Security Advisory 2016-1485-01
Posted Jul 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1485-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.82. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1705, CVE-2016-1706, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137
MD5 | 0bc0e2e603f42b5c7459977fed796f4c
Red Hat Security Advisory 2016-1484-01
Posted Jul 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1484-01 - Red Hat Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and the remote management of multiple Linux deployments with a single, centralized tool. Security Fix: A stored cross-site scripting flaw was found in the way spacewalk-java displayed monitoring probes. An attacker can embed HTML and Javascript in the values for RHNMD User or Filesystem parameters in Satellite, allowing them to inject malicious content into the web page that is then displayed with that probe data.

tags | advisory, remote, web, javascript, xss
systems | linux, redhat
advisories | CVE-2016-3080, CVE-2016-3097
MD5 | e81be85d90a8a40a5304b949c33f3d47
Page 1 of 7
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
The SIM Hijackers
Posted Jul 19, 2018

tags | headline, hacker, phone, fraud, password
Thousands Of US Voters' Data Exposed By Robocall Firm
Posted Jul 19, 2018

tags | headline, hacker, government, privacy, usa, data loss
Password Stealing Spying Malware Targets Ukrainian Government
Posted Jul 19, 2018

tags | headline, government, malware, cyberwar, spyware
PayPal's Venmo Found Leaking Transaction Details
Posted Jul 19, 2018

tags | headline, privacy, bank, data loss, flaw, paypal
007 Code Helps Stop Spectre Exploits Before They Exist
Posted Jul 17, 2018

tags | headline, flaw, patch, intel
Trump Wants To Work With Russia On Infosec. Security Experts: Lol No.
Posted Jul 17, 2018

tags | headline, hacker, government, usa, russia, fraud, cyberwar, spyware
Thousands Of Mega Logins Dumped Online, Exposing User Files
Posted Jul 17, 2018

tags | headline, privacy, data loss, password
Early Warning System Hunts Election Hackers
Posted Jul 17, 2018

tags | headline, hacker, government, usa, russia, fraud, cyberwar
After Indictment, Russian Hackers' Lives Changed Forever, Ex-Ambassador Says
Posted Jul 16, 2018

tags | headline, hacker, government, usa, russia, fraud, cyberwar, spyware
Can Graphical Passwords Keep Us Secure Online?
Posted Jul 16, 2018

tags | headline, data loss, password
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close