Call For Papers for Positive Hack Days VII which will take place May 23rd through the 24th, 2017 in Moscow, Russia.
The call for papers for x33fcon has been announced. It will take place April 24th through the 28th, 2017, in Poland.
Multiple versions of Siemens SIMATIC suffer from a cross site request forgery vulnerability and poor cookie security settings.
ntpd versions 4.2.7p22 up to, but not including, 4.2.8p9 and 4.3.0 up to, but not including, 4.3.94 suffer from a remote denial of service vulnerability. The vulnerability allows unauthenticated users to crash ntpd with a single malformed UDP packet, which causes a null pointer dereference.
WonderCMS versions 0.9.8 and below suffer from a cross site scripting vulnerability.
Ubuntu Security Notice 3135-1 - Chris Evans discovered that GStreamer Good Plugins did not correctly handle malformed FLC movie files. If a user were tricked into opening a crafted FLC movie file with a GStreamer application, an attacker could cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program.
Ubuntu Security Notice 3134-1 - It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
Ubuntu Security Notice 3132-1 - Harry Sintonen discovered that tar incorrectly handled extracting files when path names are specified on the command line. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly overwrite arbitrary files.
Gentoo Linux Security Advisory 201611-20 - A buffer overflow in TestDisk might allow remote attackers to execute arbitrary code. Versions less than 7.0-r2 are affected.
Gentoo Linux Security Advisory 201611-19 - A path traversal attack in Tar may lead to the remote execution of arbitrary code. Versions less than 1.29-r1 are affected.
Gentoo Linux Security Advisory 201611-18 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 23.0.0.207 are affected.
Gentoo Linux Security Advisory 201611-17 - A buffer overflow in RPCBind might allow remote attackers to cause a Denial of Service. Versions less than 0.2.3-r1 are affected.
Gentoo Linux Security Advisory 201611-16 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 54.0.2840.100 are affected.
Gentoo Linux Security Advisory 201611-15 - Multiple vulnerabilities have been found in Poppler, the worst of which allows remote attackers to execute arbitrary code. Versions less than 0.42.0 are affected.
Microsoft Internet Explorer 8 suffers from an MSHTML Ptls5::LsFindSpanVisualBoundaries memory corruption vulnerability.
NodCMS Installer suffers from a client-side cross site scripting vulnerability.