Ubuntu Security Notice 3466-1 - Karim Hossen & Thomas Imbert discovered that systemd-resolved incorrectly handled certain DNS responses. A remote attacker could possibly use this issue to cause systemd to temporarily stop responding, resulting in a denial of service.
15654f7b9bfda368625350be74ee70e10914df21ae1590e6c0adaa651fe09731
Bomgar Remote Support suffers from a local privilege escalation vulnerability. Versions affected include 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4.
628baf055f0972c1c6fa79f1adf972440b7c5ee8c14fec41ee37efb1bf1f599e
Ubuntu Security Notice 3465-1 - Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. Brian Carpenter discovered that Irssi incorrectly handled the internal nick list. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. Joseph Bisch discovered that Irssi incorrectly removed destroyed channels from the query list. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. Various other issues were also addressed.
5c34e3c728888e5bb51ce6fb31a8c69e09c89e18bf7c2c9c340b2b4830202fe0
Red Hat Security Advisory 2017-3075-01 - The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: A stack-based and a heap-based buffer overflow flaws were found in wget when processing chunked encoded HTTP responses. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit these flaws to potentially execute arbitrary code.
902f3f20b7a3e90d479fc1b3fd04bacf4050c8b64fac72cde48820817e759dfc
Ubuntu Security Notice 3464-1 - Antti Levomaki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could use this issue to cause Wget to crash, resulting in a denial of service, or possibly execute arbitrary code. Dawid Golunski discovered that Wget incorrectly handled recursive or mirroring mode. A remote attacker could possibly use this issue to bypass intended access list restrictions. Various other issues were also addressed.
25ac05cd4bd4147a63b1bd247d8cfad5fce3534a6793e49418e3508809cb3eff
Red Hat Security Advisory 2017-3071-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: Two vulnerabilities were discovered in the NTP server's parsing of configuration directives. A remote, authenticated attacker could cause ntpd to crash by sending a crafted message.
83d626d761ac5b1571348346a206a3346fbe4cc8a141d14a89a1ac2a9aad2203
HitmanPro version 3.7.15 Build 281 kernel pool overflow exploit.
408bf8b107019c5f2a85c3f424fae90139e0c7cc821429e9f874f8e28211b69d
PHPMailer versions 5.2.21 and below suffer from a file disclosure vulnerability.
eeaeefcdff3722b2ec1cf3d9459357dc5de426bb7f1c9fb2f39b503acf3a27d4
Ubuntu Security Notice 3463-1 - It was discovered that Werkzeug did not properly handle certain web scripts. A remote attacker could use this to inject arbitrary code via a field that contains an exception message.
8d133b0cb1c8a7c0ca926fa9d77a07bcfff12fefa3f47dc07a668322984d7532
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
da5e7c56de700078c640a0eaaa287e9643cb97d56dc08a942a48fbd3fe8700f1
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
7df6298860a59f410ff8829cf7905a50c8b3a9094d51a8553603b401e4b5b1a1
Mura CMS versions prior to 6.2 suffer from server-side request forgery and XML external entity injection vulnerabilities.
c741fa594f6ecdac9c58e2a524f6ef11f7b20005c381775459dc8b4332c6578d
FS Shutter Stock Clone suffers from a remote SQL injection vulnerability.
b03d0d2ae4dbffe3e2a8581d0d8cfe905b13a447a0b904b2b58e281444538f34
FS Thumbtack Clone suffers from a remote SQL injection vulnerability.
4676e679078b5d30f8b727ef735fa41aa70c4e777df264bc33615df5b55ff764
FS Trademe Clone suffers from a remote SQL injection vulnerability.
2c7628a451f7e42509025ee13ccb7d4cab819c455ff2513dacc9b5a2ba24788a
FS Monster Clone suffers from a remote SQL injection vulnerability.
ee5a6e1e75975e5578c4906c309a34c30b53ea2ecf3c72b2cc19e80b87d4e1da
FS Care Clone suffers from a remote SQL injection vulnerability.
97cd6706ff38ead6bbb290b2a4228364e62e6c2bdb44699e2f2fee01a5b87303
FS Crowdfunding Script suffers from a remote SQL injection vulnerability.
2fcfe6b3957e9208e9d07c8d948a930167e2a1720cc80433b922a6e8ce6fb09b
FS Realtor Clone suffers from a remote SQL injection vulnerability.
365b962ed908ebe5642c162c0fd4b3ae512e4c3ec4b6f6560d702adc42a4fe1c