MikroTik RouterOS version 6.36.2 suffers from a cross site scripting vulnerability.
574ec10eda68efe29907bd928181fa09546feacfc51f2df9f2838424e1afe544
Intel Identity Protection Technology Host Interface Service jhi_service.exe version 1.2.22.0 suffers from a privilege escalation vulnerability.
14832098b81d64e739a2fecd4bd6aa5e7c3384ed340e5a3e844ad6a1d4673d0c
Intel Management and Security Application Local Management Service LMS.exe version 7.1.13.1088 suffers from a privilege escalation vulnerability.
382a8b25308c8217a4f9289b263a8803fac71994659b7704e71bf558774d4e01
WordPress W3 Total Cache plugin version 0.9.4.1 suffers from a cross site scripting vulnerability.
dad348fbfcafead56be5e0cbe894d149a654cc0e0a985c5d4ecbd785eae06fff
An information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator's session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the support form. Version 0.9.4.1 is affected.
7a6aaf418ea8e714659aa334b04274d3631ce06a115fe6141fe555d1aa58a51d
WordPress Google Maps plugin version 6.3.14 suffers from a cross site request forgery vulnerability.
f561f52225402b48f3f253963d3a14e7732f445a9eb81cedba6aa67394d63d00
Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure file permission vulnerability.
12ab3c47e222e2424905eb04541b8502f7178bbf5977133e83cb3a134c9d7aa0
During a recent penetration test Computest found and exploited various issues in Observium, going from unauthenticated user to full shell access as root.
4041a850a24306c4f6f7dc1fc7c8b76067ff726516808322d468925aa4244a4f
Ubuntu Security Notice 3129-2 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service.
a29f0d3e3e2ebd12adeba1d4689ca7d3c299aeea87e2ec97e3512daef8e67939
Ubuntu Security Notice 3128-2 - USN-3128-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
bb5f7821787ec046a4f18c437fee1c4babaada3a07138c01ab7433aba49a6459
Ubuntu Security Notice 3127-1 - It was discovered that the compression handling code in the Advanced Linux Sound Architecture subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service. Kirill A. Shutemov discovered that memory manager in the Linux kernel did not properly handle anonymous pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.
01cea1fce1227c7940b3e746c63d4a2d4b996f91e65b161b9da444fd843eb62d
Ubuntu Security Notice 3129-1 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service.
dd14ea01c353f7c9b48c2adcbf07fa50f6b0a15a6a46ca85b0d9700963342534
Ubuntu Security Notice 3128-3 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service.
913ba46b3ae9d9c566f6d8b725cbdaf54e98cc4d79e03714bb9f79f51f89d7ab
Ubuntu Security Notice 3126-1 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service. Dmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg implementation in the Linux kernel. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
4bbf1d4ea527ad684dcc5fc5db86dbe5395379408e2920a2bad340c35edb6728
Ubuntu Security Notice 3128-1 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service.
fa0fb5c655ad6f62fb22e8029251c9321a38dba3f9f91c5f204325d1b11eb9d1
Ubuntu Security Notice 3127-2 - USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the compression handling code in the Advanced Linux Sound Architecture subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
7ef8e046784e759daa37ac14a887334035715f84aedb6b85a0db639ce1c7fa5e
Ubuntu Security Notice 3126-2 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service. Dmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg implementation in the Linux kernel. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
4ccc284737a64c8c3f06bc96c110403bf3c05592a73bbe558b184db66d8d1d08
A vulnerability in the validation of Amazon SNS messages was found in the W3 Total Cache plugin. This issue allows an attacker to perform a variety of actions concerning the server's cache, which may result in a denial of service attack. Version 0.9.4.1 is affected.
59cce5048bc779a87a1b48d11a7eaae8585ecf4fcf88a05433fae03944d7dfd8
Shellcode Compiler is a program that compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows. It is possible to call any Windows API function in a user-friendly way. Shellcode Compiler takes as input a source file and it uses it's own compiler to interpret the code and generate an assembly file which is assembled with NASM. Shellcode compiler was released at DefCamp security conference in Romania, November 2016.
55cc199ca20c621cb3d3d2444ac5f6f9f88eafbc79dc2fa9711f8cf538b5d486
vBulletin versions 4.2.3 and below suffer from a remote SQL injection vulnerability in the forumrunner add-on.
c52ff5beedbd614d5ea96f159e21d95f2550dcd2a7551bccca3ddefeb3ca20a7