Red Hat Security Advisory 2016-1094-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: A vulnerability was found in the STI build process in OpenShift Enterprise. Access to STI builds was not properly restricted, allowing an attacker to use STI builds to access the Docker socket and escalate their privileges.
9e7713afc2bf16c384a8dc63fbb0d707a04f446cb1f6dae65f1062ccd48021c2Red Hat Security Advisory 2016-1095-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: An origin validation vulnerability was found in OpenShift Enterprise. An attacker could potentially access API credentials stored in a web browser's localStorage if anonymous access was granted to a service/proxy or pod/proxy API for a specific pod, and an authorized access_token was provided in the query parameter.
9f0438501be43d234df548f08d68f63b5b68e8f3e714803ca13d67d2c888277aHP Security Bulletin HPSBGN03564 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Release Control. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
ef1f742fc4bd3c96553859d5c5aa86f5e72396632889706992696756f56636d0Debian Linux Security Advisory 3584-1 - Gustavo Grieco discovered several flaws in the way librsvg, a SAX-based renderer library for SVG files, parses SVG files with circular definitions. A remote attacker can take advantage of these flaws to cause an application using the librsvg library to crash.
a0d690d834b83f6fda20eb751f9aff8f53c37624ab560a0721aa17cc8ec01ab1Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
ce1e8b45ffce46c608915e7889cc293c30412abfc07dbc90dd8ba3c32cecc1c4Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
f10a0b46e964863477a1a1c1cc72a063ff7811586d3483db228278a5181de15dWordPress Brafton plugin version 3.3.0 suffers from a cross site scripting vulnerability.
3892ab1d003f41f07168502f9e5f6aef23d2da0523045619b7f5cdae1c604776GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the previous stable release.
e3370a3bf60f2ca4a6204461ea99e7d7047ee46f96bc2fb7c63f103312d3c9c7GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the previous stable release.
f53453857e369d66d665c40389201c0b9dacb7ccda560fd21b20b798687a4239Tuninfoforyou versions 2 and 2.5 appear to have a backdoor account of admin/admin.
e46b27b7198cf9427028f5400fd6095baf51d940716b313d1a1589f28aee6a8eVirIT Explorer versions Lite 8.1.68 and Pro 8.1.68 suffers from a local privilege escalation vulnerability.
99e7b9f6307895078411a34926f56ccf4cf7a8402380f92d3b0c10f55187df4e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed