exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 198 RSS Feed

Files

HP Security Bulletin HPSBST03629 1
Posted Aug 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03629 1 - A potential security vulnerability has been identified with HP StoreFabric B-series switches. The vulnerability could be remotely exploited resulting in disclosure of privileged information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-4376
SHA-256 | 60dfeffeab93ed3fd5862d279067ca304090e8eedbadf0cd03e8fa83060c6baa
Ubuntu Security Notice USN-3061-1
Posted Aug 15, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3061-1 - Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could perform a timing attack and enumerate valid users. Tomas Kuthan, Andres Rojas, and Javier Nieto discovered that OpenSSH did not limit password lengths. A remote attacker could use this issue to cause OpenSSH to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-6210, CVE-2016-6515
SHA-256 | 380999cba357e2595697463d6456f1f369ee299011b921357ee88539c371e7e6
Debian Security Advisory 3648-1
Posted Aug 15, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3648-1 - Multiple vulnerabilities were discovered in the dissectors for NDS, PacketBB, WSP, MMSE, RLC, LDSS, RLC and OpenFlow, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-6504, CVE-2016-6505, CVE-2016-6506, CVE-2016-6507, CVE-2016-6508, CVE-2016-6509, CVE-2016-6510, CVE-2016-6511
SHA-256 | 948433c5a0efef880e357a8569b927248b060de0f012798fc7a760fd53353c3c
Linksys E2500 / E1200 Command Injection
Posted Aug 15, 2016
Authored by Samuel Huntley

Linksys E2500 and E1200 devices suffered from a command injection vulnerability.

tags | advisory
SHA-256 | 4809215ff6bf7ac34139ad0ed64e0c279221a469257b12c842d63878327b9050
Linksys E1200 Authorization Bypass
Posted Aug 15, 2016
Authored by Samuel Huntley

Parent controls on the Linksys E1200 suffered from having missing authorization controls.

tags | advisory, bypass
SHA-256 | d69510cd73278b8deb8109b50b2d422b2b1d8c1673b2ab98fec4e63eead695a9
Ubuntu Security Notice USN-3047-2
Posted Aug 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3047-2 - USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. Various other issues were addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-4952, CVE-2016-5107, CVE-2016-5126, CVE-2016-5337, CVE-2016-5403
SHA-256 | 6cde5cb99c15b597456c232a84fe2c4a2d7a2394f9e433c09f015f5e373d1fc2
HP Security Bulletin HPSBGN03630 2
Posted Aug 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03630 2 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed in the AdminUI of HP Operations Manager for Unix, Solaris and Linux. The vulnerability could be exploited remotely to allow remote code execution. Revision 2 of this advisory.

tags | advisory, java, remote, code execution
systems | linux, unix, solaris
advisories | CVE-2016-4373
SHA-256 | d663eec4579facf8f6a81f46b5a6f77f682c0a3bfdeaa267a6fca762dbec6c64
HP Security Bulletin HPSBHF03440 1
Posted Aug 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03440 1 - A potential security vulnerability in JQuery was addressed by HPE Integrated Lights-Out 3. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
advisories | CVE-2011-4969
SHA-256 | d4e4427059bf0f52d590b8440696253f452456d6b56937c208ef0874ee58a1ff
VMware Security Advisory 2016-0011
Posted Aug 12, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0011 - vRealize Log Insight contains a vulnerability that may allow for a directory traversal attack. Exploitation of this issue may lead to a partial information disclosure. There are no known workarounds for this issue.

tags | advisory, info disclosure
advisories | CVE-2016-5332
SHA-256 | b45b5de8dca28391380d0aa9cee3799a1de998079808cf20c36f2871ff683764
Red Hat Security Advisory 2016-1604-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1604-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: rh-mariadb100-mariadb. Security Fix: This update fixes several vulnerabilities in the MariaDB database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2016-3477, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440
SHA-256 | 050cf4eb10b6b4d48a4849fc74b4da049ebd99b9f4c1702cf81baba7760d55f1
Red Hat Security Advisory 2016-1602-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1602-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb. Security Fix: This update fixes several vulnerabilities in the MariaDB database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2016-0640, CVE-2016-0641, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0666, CVE-2016-3452, CVE-2016-3477, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440, CVE-2016-5444
SHA-256 | 9ebe488c20f76b68d7a3cf57698896831bc3b64105719afff7a32233ea62034b
Red Hat Security Advisory 2016-1601-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1601-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2016-3459, CVE-2016-3477, CVE-2016-3486, CVE-2016-3501, CVE-2016-3521, CVE-2016-3614, CVE-2016-3615, CVE-2016-5439, CVE-2016-5440
SHA-256 | f74fd9194852a14f3381406d12fd54322502cd7ad2381d9edfb8f94fb630a507
Red Hat Security Advisory 2016-1603-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1603-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb55-mariadb. Security Fix: This update fixes several vulnerabilities in the MariaDB database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2016-3477, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440
SHA-256 | 76497b688449c5fc738f3987def49a51af654e16c3cade55c27ea6fd2a668e30
Red Hat Security Advisory 2016-1607-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1607-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap buffer overflow issue. It could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside guest could use this flaw to crash the Qemu process resulting in DoS or potentially leverage it to execute arbitrary code with privileges of the Qemu process on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | d67f5e6e01f8d9341a59fcc3055fec2ec69675435c8bc04cff2c9ee1c9bd3355
Debian Security Advisory 3647-1
Posted Aug 12, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3647-1 - Multiple security issues have been found in Icedove, Debian's version of lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2016-2818
SHA-256 | 34817b30843cd3047d068ce105c2a9c8c6ed7f94388c6649bd61972ef917036b
Red Hat Security Advisory 2016-1606-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1606-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap buffer overflow issue. It could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside guest could use this flaw to crash the Qemu process resulting in DoS or potentially leverage it to execute arbitrary code with privileges of the Qemu process on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | 55b580f3cc8e781eb560abc0504ebbb683e94803d14225a9ae6fea8a2aec4eff
Red Hat Security Advisory 2016-1613-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1613-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, php
systems | linux, redhat
advisories | CVE-2016-5385
SHA-256 | e0bf59f5cf1d3c0945e0d6d6e0c15750289bc15a60fccdb2ee9d694dd4128871
Red Hat Security Advisory 2016-1612-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1612-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, php
systems | linux, redhat
advisories | CVE-2016-5385
SHA-256 | f67019f31418549e29743778856e445f5f3d39cc49377c1111e61f49fc4b91de
Red Hat Security Advisory 2016-1611-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1611-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, php
systems | linux, redhat
advisories | CVE-2016-5385
SHA-256 | 55592b7d6ab377e799f0673e09120f679bd0c8e8a43960c9c3d68a564709590b
Red Hat Security Advisory 2016-1610-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1610-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, php
systems | linux, redhat
advisories | CVE-2016-5385
SHA-256 | fcd71ebcda575c41b6353590baddb7b6da04850d4fbba07468173f9919b13631
Red Hat Security Advisory 2016-1609-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1609-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, php
systems | linux, redhat
advisories | CVE-2016-5385
SHA-256 | e4a867d0b2afb3d26671450133c752f70eebf6d1dc0e5c147088d80e10f92350
Red Hat Security Advisory 2016-1605-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1605-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform- as-a-Service solution designed for on-premise or private cloud deployments. The logging auth proxy is a reverse proxy that authenticates requests against OpenShift, retrieving user information and setting the configured header with the appropriate details. Security Fix: A regular expression denial of service flaw was found in Negotiator. An attacker able to make an application using Negotiator to perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-1000022, CVE-2016-1000023
SHA-256 | 6ad2d8e1bf8aa294ba67681e11183033dd226d7448b66387c391ec5c901bfed4
Debian Security Advisory 3646-1
Posted Aug 12, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3646-1 - Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-5423, CVE-2016-5424
SHA-256 | c3df4bfd752b1d252e7675808c819927ea0b15f3eb6c0f17bde3866accb51401
Gentoo Linux Security Advisory 201608-01
Posted Aug 11, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201608-1 - Multiple vulnerabilities have been found in OptiPNG, the worst of which could lead to the remote execution of arbitrary code, or cause a Denial of Service condition. Versions less than 0.7.6 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2191, CVE-2016-3981, CVE-2016-3982
SHA-256 | 713c5763445c047353969f292116486ba6c02d364774f61852de0cb87506fb2d
Red Hat Security Advisory 2016-1596-01
Posted Aug 11, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1596-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A cross-site scripting flaw was found in Django. An attacker could exploit the unsafe usage of JavaScript's Element.innerHTML to forge content in the admin's add/change related popup. Element.textContent is now used to prevent XSS data execution.

tags | advisory, web, javascript, xss, python
systems | linux, redhat
advisories | CVE-2016-6186
SHA-256 | 01dc421a3024cf93d2a181c2d77c7cbf33b5392e1fa201d53227350f09ca3849
Page 5 of 8
Back34567Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close