Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
8f66b44ecd8a0a2c159d1c178faec63e9c0d53fff93187999610850c6570b1f1
HPE Security Bulletin HPESBGN03728 1 - Potential security vulnerabilities in OpenSSL have been addressed in HPE Operations Agent. These vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) and/or Unauthorized Access to Data. Revision 1 of this advisory.
4e6c9784c6f7a55a4f3cd653bd7303fbd4c7385963f7bac5b946c6044920c87d
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32kfull!SfnINLPUAHDRAWMENUITEM.
4c9b80091c609bb2d3baf00d69e5a53a22ed77aecd51bfbe4eab9ab9d4f8ecd1
Multiple bugs have been discovered in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool memory disclosure or denial of service. Under certain circumstances, memory corruption could also be possible.
87918a29340a0f40627209d6efebf5fdc4fa4d8187afd47124e311d939064579
concrete5 version 8.1.0 suffers from a host header injection vulnerability.
87b68124a633c85f3d133f78abf1cc5f99befd4e143952fd568f6a3dfb8a04cd
Agorum Core Pro version 7.8.1.4-251 suffers from an XML external entity injection vulnerability.
5c97508695298b8a89755d63be627cc2b32ea74f25600dd1f309a386314a7fef
Agorum Core Pro version 7.8.1.4-251 suffers from a reflective cross-site scripting vulnerability.
9a0b09816cee17b0adca3c6d62bbd0095b75e32616a1008d817275c0aa8f1b66
This Metasploit module exploits an unauthenticated command injection in Alienvault USM/OSSIM versions 5.3.4 and 5.3.5. The vulnerability lies in an API function that does not check for authentication and then passes user input directly to a system call as root.
d72c139011d02b5dd53490824fea6a9d33d4ea93c69d1eaa4c8702f390b4d945
GNS3 Mac OS-X version 1.5.2 ubridge privilege escalation exploit.
a5e76f57b9fe4ca0325f3a4fbe2fcec453b432eccb24a18d312f44c6c0d6947d
Word Directory Script version 2.1 suffers from cross-site scripting and remote SQL injection vulnerabilities.
5b69a90341965fd38f7c86374a141680f315557e4ee3953c218701a49407ad6c
Agorum Core Pro version 7.8.1.4-251 suffers from a cross-site request forgery vulnerability.
a5bc07a827c37468c33ac3f27445bcd040b7898c4d9e3bc67d76692c0cf6189c
Agorum Core Pro version 7.8.1.4-251 suffers from a persistent cross-site scripting vulnerability.
0e174fa21d039c7949fe776968052b63f7d7afc36d6e44ae1a9dd62831d712cd
PonyOS version 4.0 fluttershy LD_LIBRARY_PATH local kernel exploit.
6867351b25180ee9a58f9f9c9a924f9ce0d77cf00cf72948ef60b4c78af6b5b6
Agorum Core Pro version 7.8.1.4-251 suffers from an insecure direct object reference vulnerability.
a3f9756f52008717452d88125817c194d9a290c64b74b3c43ad09fc625a0dbe0
Hipchat server versions prior to 2.2.3 suffer from a remote code execution vulnerability that can be leveraged via Administrative Imports.
607fef099ad5faf68b7433b02457043b6d6c288f2e724d183ad5b65fb66f406b
Coppermine Gallery versions 1.5.44 and below suffer from a directory traversal vulnerability.
29f200ffcc0c01af4c8bb99c41ae0a82b17a73070333106e21afc34990b382ce
SedSystems D3 Decimator suffers from default credential and local file disclosure vulnerabilities.
30e71a2e924700d68946538cff7d0f87bb02615b8297043b63f0dbb2275f4336
31-byte Linux x86_64 execve("/bin/sh") shellcode.
6d03c586b507befaa73eca2baefc15439bb353750fb404074dd1dfd2201f8e9d