Red Hat Security Advisory 2016-2120-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
81fa87cf714f78bd02f4b7b24c5f2e82
Red Hat Security Advisory 2016-2119-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.643. Security Fix: This update fixes one vulnerability in Adobe Flash Player. This vulnerability, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
b8173b311e76e17de8a64f59ca99ca8c
Ubuntu Security Notice 3111-1 - A use-after-free was discovered in service workers. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via program crash, or execute arbitrary code. It was discovered that web content could access information in the HTTP cache in some circumstances. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
9bea6b9b1fc1b4b2a39b0c8eda87ab4c
Ubuntu Security Notice 3114-2 - USN-3114-1 fixed a vulnerability in nginx. A packaging issue prevented nginx from being reinstalled or upgraded to a subsequent release. This update fixes the problem. Dawid Golunski discovered that the nginx package incorrectly handled log file permissions. A remote attacker could possibly use this issue to obtain root privileges. Various other issues were also addressed.
1c6d037cf5e608a6ff3b81e9f8a2c714
Red Hat Security Advisory 2016-2101-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: A regular expression denial of service flaw was found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.
8627988deda3df96d960796befeb04fb
The GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path name(s) specified on the command line. Versions 1.14 through 1.29 are affected.
d3225fb0115eb0e014c2558c2c124a7d
CherryTree version 0.36.9 memory corruption proof of concept exploit.
398fad4cb2fa52540527dc4eb4bcd30e
Joomla versions 3.4.4 through 3.6.4 suffer from account creation and privilege escalation vulnerabilities.
3fe6c7b3a01877242c6866ee23c71c2f
HP Security Bulletin HPSBMU03653 1 - Multiple potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in cross-site scripting (XSS), arbitrary code execution, Denial of Service (DoS), and/or unauthorized disclosure of information. Revision 1 of this advisory.
b0a00ddd465b7222f8adb6967f5ebc81
HP Security Bulletin HPSBHF3549 1 - A security vulnerability identified with UEFI firmware, dubbed ThinkPwn, has been addressed in certain HP commercial notebook PCs and HP consumer notebook PCs. The vulnerability could be exploited to run arbitrary code in System Management Mode, resulting in elevation of privilege or denial of service. Revision HPSBHF3549 of this advisory.
7752358273ab72a83a76b275628ccef9
uSQLite version 1.0.0 suffers from a denial of service vulnerability.
42f1c98c73cc211fbccdfca4fcd88dfb
This post-exploitation Metasploit module requires a meterpreter session to be able to upload/inject our SearchIndexer.exe into WSearch (windows search) service. The WSearch service uses one executable.exe set in binary_path_name and runs it has local/system at startup, this enables local privilege_escalation/persistence_backdooring. To exploit this vulnerability a local attacker needs to inject/replace the executable file into the binary_path_name of the service. Rebooting the system or restarting the service will run the malicious executable with elevated privileges.
a65c14277120170f43d085605996c152
GNU GTypist version 2.9.5-2 suffers from a local buffer overflow vulnerability.
8d5e69c246a52b38beafd0b81d21b63b
3dCart version 7.3.0 suffers from a cross site scripting vulnerability.
4b8e8677adade0cb28586f4b412337d7
AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
2fe9db7c9d12f4e49f980e7c5bb73683