exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 156 RSS Feed

Files

Gentoo Linux Security Advisory 201607-17
Posted Jul 29, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201607-17 - BeanShell is vulnerable to the remote execution of arbitrary code via Java serialization or XStream from an untrusted source. Versions less than 2.0_beta6 are affected.

tags | advisory, java, remote, arbitrary
systems | linux, gentoo
SHA-256 | 8cbd5347c9492cda9ad7577fe18ec401eb4bdf1aa72804764fc84bce3743dad1
Debian Security Advisory 3635-1
Posted Jul 29, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3635-1 - Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl DBI driver for the MySQL database server. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using DBD::mysql (application crash), or potentially to execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, arbitrary, perl, vulnerability
systems | linux, debian
advisories | CVE-2014-9906, CVE-2015-8949
SHA-256 | 4cc23f574ef6aa3358542080d68a419fe0c1ffc881e7106d9f7c28022dfb4863
Kaspersky Safe Browser Man-In-The-Middle
Posted Jul 29, 2016
Authored by David Coomber

Kaspersky Safe Browser suffers from a man-in-the-middle vulnerability.

tags | advisory
advisories | CVE-2016-6231
SHA-256 | a69e867e6dee8c1addf7cdbb8600769155deaea15c494c95c4cc860666908b3e
Microsoft Wireless Desktop 2000 Insufficent Verification / Mouse Spoofing
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Microsoft Wireless Desktop 2000 suffers from insufficient verification of data authenticity and mouse spoofing vulnerabilities.

tags | advisory, spoof, vulnerability
SHA-256 | bc89d14332c2b68a2ee9f6c37aaad16729c3eaea94ed00aa4a432e5198e87c01
Perixx Computer PERIDUO-710W Keystroke Injection
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Perixx Computer PERIDUO-710W suffers from cryptographic issues and keystroke injection vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 8a417656e3f50e51e5bc8be30c76990235aac75b6972f2542d7dafd6526a1364
Perixx Computer PERIDUO-710W Crypto Issues / Replay Attacks
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

Perixx Computer PERIDUO-710W suffers from cryptographic issues and replay attack vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 1a00902e3cc0b35718d10d3b1e91ac8b418d375cddc8f60c930a86c9a262dc22
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Keystroke Injection
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier | Site syss.de

CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and keystroke injection vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 8d783cf17d0aeb744bc415fcc3f5209b17a3b0f1fec084fd4a66af59968c352f
Intel Crosswalk Project Man-In-The-Middle
Posted Jul 29, 2016
Site wwws.nightwatchcybersecurity.com

The Intel Crosswalk Project library for cross-platform mobile development did not properly handle SSL errors. This behavior could subject applications developed using this library to SSL MITM attacks.

tags | advisory
advisories | CVE-2016-5672
SHA-256 | 12e89d3394051b3849153c0f41c7ede6bc49d185cecbd28616109dd2ff6c0934
Debian Security Advisory 3633-1
Posted Jul 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3633-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-8338, CVE-2016-4480, CVE-2016-4962, CVE-2016-5242, CVE-2016-6258
SHA-256 | 69e2b39b3913e68cc3897dadfc8422de8be200cf50452bcb270d6b48048d7d24
Avaya VOSS 4.1.0.0 SPB Traffic Traversal
Posted Jul 28, 2016
Authored by Jason Ostrom, Samuel Neves, Salim Neino

Avaya Fabric Connect VSP, under specific conditions, can accept and process specially crafted and spoofed Ethernet frames, which can lead to unauthorized access to devices intended to be secured from untrusted traffic sources. The vulnerability is caused by mishandling VLAN and I-SID indexes within the Fabric infrastructure. Version 4.1.0.0 is affected.

tags | advisory, spoof, file inclusion
advisories | CVE-2016-2783
SHA-256 | febf9c8d06e60cb5763c39467e3b800a3a47afa1bfb25a99e6dbc40ebfbb1519
Red Hat Security Advisory 2016-1519-01
Posted Jul 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1519-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.6 release serves as a replacement for JBoss Operations Network 3.3.5, and includes several bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5220, CVE-2016-0800, CVE-2016-3737
SHA-256 | 9e8eda7cc87b09b7d965a2368ef110c52ca58a71169b633cc43b9d107529ee95
Debian Security Advisory 3632-1
Posted Jul 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3632-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.26. Please see the MariaDB 10.0 Release Notes for further details.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-3477, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440
SHA-256 | 1034107a2809d4f21af57f0bbc38fd4ea778e2457506a9b747c59bfab574464b
Ubuntu Security Notice USN-3043-1
Posted Jul 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3043-1 - Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this to expose sensitive data over the network or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3587, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610
SHA-256 | 7672e7429049c3c41db0b4271e098d23ac3c5c001aab2743839df5e0c4371f15
Debian Security Advisory 3631-1
Posted Jul 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3631-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability
systems | linux, debian
advisories | CVE-2016-5385, CVE-2016-5399, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297
SHA-256 | 38a66d762d614a958d7801c279d78dadb3c6ac4fce34ef4bc800ff8d7a0c22ae
Debian Security Advisory 3630-1
Posted Jul 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3630-1 - Secunia Research at Flexera Software discovered an integer overflow vulnerability within the _gdContributionsAlloc() function in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of this flaw to cause a denial-of-service against an application using the libgd2 library.

tags | advisory, remote, overflow
systems | linux, debian
advisories | CVE-2016-6207
SHA-256 | 5da39cc7be7960124d3a3a0b67e4b82259ece63499cc06e95475cdcfd7a14059
HP Security Bulletin HPSBST03603 1
Posted Jul 27, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03603 1 - HPE StoreVirtual products running LeftHand OS has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). This vulnerability could be remotely exploited to cause Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.

tags | advisory, denial of service, overflow, arbitrary
advisories | CVE-2015-7547
SHA-256 | 7a1938552ec305f40be8a23af07bd878dc473a9a0b00a6ec1d1ad7c762c07075
Red Hat Security Advisory 2016-1504-01
Posted Jul 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1504-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610
SHA-256 | ac052e67f91771e8218260f935fcd61f4427a255784dc765554eeb67002ea5b8
Ubuntu Security Notice USN-3042-1
Posted Jul 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3042-1 - Andreas Cord-Landwehr discovered that KDE-Libs incorrectly handled extracting certain archives. If a user were tricked into extracting a specially-crafted archive, a remote attacker could use this issue to overwrite arbitrary files out of the extraction directory.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-6232
SHA-256 | 5f7cf77b7f5501688cb173a4207132ce4d544206d68f7befd58ae819acd5d38b
Red Hat Security Advisory 2016-1489-01
Posted Jul 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1489-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-4565
SHA-256 | 92f448af05fa64277d3b3307da793e54460efff59bc1c9ba1edd08af9ef18f34
Debian Security Advisory 3629-1
Posted Jul 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3629-1 - Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2015-7974, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518
SHA-256 | 928596a20913fd01d3f58cfb75578feb56c3ebee5c0640ed9f639ec7fd418fa2
Bamboo Deserialization Issue
Posted Jul 26, 2016
Authored by David Black, Moritz Bechler

This advisory discloses a critical severity security vulnerability which was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.11.4.1 (the fixed version for 5.11.x) and from 5.12.0 before 5.12.3.1 (the fixed version for 5.12.x) are affected by this vulnerability.

tags | advisory
advisories | CVE-2016-5229
SHA-256 | dbfb17c0ede40ea6f49b801493783efdda5b7f9fcc1178a440c9e193c5f682f4
Red Hat Security Advisory 2016-1487-01
Posted Jul 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1487-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2119
SHA-256 | 5e149d7d0af0e12329b4e2d54c27f621fef270d560e4bea0d0871820b9af36c1
Red Hat Security Advisory 2016-1486-01
Posted Jul 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1486-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2119
SHA-256 | e4d411131b152ada7bd72521ea7818502f22e7501a4ad8fa7818025ec57a02bd
Red Hat Security Advisory 2016-1485-01
Posted Jul 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1485-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.82. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1705, CVE-2016-1706, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137
SHA-256 | 79a0151a046d4d5d83278b6451a43ce51c7e4a3ae2044801f1685824657092b8
Red Hat Security Advisory 2016-1484-01
Posted Jul 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1484-01 - Red Hat Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and the remote management of multiple Linux deployments with a single, centralized tool. Security Fix: A stored cross-site scripting flaw was found in the way spacewalk-java displayed monitoring probes. An attacker can embed HTML and Javascript in the values for RHNMD User or Filesystem parameters in Satellite, allowing them to inject malicious content into the web page that is then displayed with that probe data.

tags | advisory, remote, web, javascript, xss
systems | linux, redhat
advisories | CVE-2016-3080, CVE-2016-3097
SHA-256 | fca385e1adee4c3355af668685e712abb94dffc828ffdb015bcc0eb5969e0c41
Page 1 of 7
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close