Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
0e73edb2911791644d82a62ab4f75517bbed339c0f21aadc0eb307b313643885
Microsoft Windows Game Definition File Editor (GDFMaker) version 6.3.9600.16384 suffers from an XML external entity injection vulnerability.
10f87d3d1b9071caa4665070b4aa0e2d5a5dea176d6602bf53f8a85c7ceff9c0
WebKitGTK+ has had numerous security vulnerabilities addressed including arbitrary code execution, memory corruption, cookie theft, and various other issues.
3a18e3f692c17224ea98fd036f7468cb2c7bfb6852fc969ed1c8f78cbe39dd1d
Apache Solr version 7.0.1 suffers from XML external entity injection and remote code execution vulnerabilities.
329a2e9c8a0283ae00e021c2cda2241153ca88f96329701ff8bb3b1e24590293
Hashicorp vagrant-vmware-fusion versions 4.0.24 and below suffer from a local privilege escalation vulnerability. This is the same issue that affected the last version but the vendor failed to properly address the issue.
2cb26079ab06ec8a05cd23e2aa7f7c6eade23fa70488b78f51502f1080d09a9c
Slackware Security Advisory - New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
00701a59a7ccfacff5f0b7c265dffab9bcd8df28608126b39ede7a33588c1267
Slackware Security Advisory - New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
f7c456a7cfe81d5c9734a699a0a652dab3b12565a843c373d120f438a762b7de
Slackware Security Advisory - New libXres packages are available for Slackware 14.1, 14.2, and -current to fix a security issue.
ba4dee4196f1fd0039a52c066dad8f5928def70d4e1cdb78f9f3eece879723cc
Red Hat Security Advisory 2017-2913-01 - Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs-tough-cookie. Security Fix: A regular expression denial of service flaw was found in Tough-Cookie. An attacker able to make an application using Tough-Cookie parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.
207c9f5b3bfa8096b0ad3099446383171cdc1c188392fa25bf0c7d8733b6f491
Red Hat Security Advisory 2017-2912-01 - Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream version: rh-nodejs4-nodejs-tough-cookie. Security Fix: Regular expression denial of service flaws were found in Tough-Cookie. An attacker able to make an application using Tough-Cookie parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.
15d05375027e414524dfcc71c88c277757bdd2644e884d5051db86ec3f021974
Red Hat Security Advisory 2017-2911-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and control the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix: A new exploitation technique called key reinstallation attacks affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol.
ddcbb28cce8084e45243003d804c9765d7684845b992495ebc4aa25bdd7ef4af
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
8749dfb5916b82c6da453895e037b3417086d95623477cd4ab68ec4a0829ccf1
Career Portal version 1.0 suffers from a remote SQL injection vulnerability.
bb6523f38398e0d0f2e8e2af045462b6396038ed7689b6fab9425b758ff4f02a
WordPress Car Park Booking plugin suffers from a remote SQL injection vulnerability.
c86b381b1f4fd169219a8b898ead95fb7b0d6c40c0ed205f45b21138b4f9705f
This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
1b927278ff93e0ef884d0b2ecb9b3c9214f1647b82ce8f6a2c763f4196246afd