Debian Linux Security Advisory 4033-1 - Joseph Bisch discovered that Konversation, an user friendly Internet Relay Chat (IRC) client for KDE, could crash when parsing certain IRC color formatting codes.
3ecf35831eaeb7de70576db0197758fda83ea2e6a522a1bcb636db1b928932c7Scala versions 2.1.6 through 2.10.6, 2.11.0 through 2.11.11, and 2.12.0 through 2.12.3 suffer from a privilege escalation vulnerability.
5f61c75c0ac7bd77d2a86da64383a633919d050dd76ccaea329a8f7fc73a1fbaUbuntu Security Notice 3276-3 - USN-3276-1 and USN-3276-2 fixed vulnerabilities in shadow. This update provides the corresponding update for Ubuntu 12.04 ESM. Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. Various other issues were also addressed.
1e9c57ac95fdbfb8e5d4f1aae2419fe291ed3ef18bb3d7c164fe89167d8baaf7The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
5f99232e20edd9cfce2e0bc71a9ab86a116cc5312d663d6074aedd52318d802aSiemens SICAM RTUs SM-2556 COM modules (firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00) suffer from authentication bypass, code execution, and cross site scripting vulnerabilities.
6864e041ea9ea5c47eae9ce0c17da621296c15e9daa9c14e95a469ba65d9f5dbUbuntu Security Notice 3479-1 - David Rowley discovered that PostgreSQL incorrectly handled memory when processing certain JSON functions. A remote attacker could possibly use this issue to obtain sensitive information. Dean Rasheed discovered that PostgreSQL incorrectly enforced SELECT privileges when processing INSERT ... ON CONFLICT DO UPDATE commands. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10. Various other issues were also addressed.
550ac5a8340393940b74a904142df00423bdc1ccc5cb9bd770de19667918cad2WordPress DFD Reddcoin Tips plugin version 1.1.1 suffers from a cross site scripting vulnerability.
f3d4f0a0ee98d629ac02048da08e3e6ae00110db815e2b61128a50cb6090f735WordPress AMP Toolbox plugin version 1.9.4 suffers from a cross site scripting vulnerability.
05cc9be8ff83407679878616e8759be1576f3ba02f64966b0706b11f9859c785WordPress Affiliate Ads for Clickbank Products plugin version 1.3 suffers from a cross site scripting vulnerability.
0e2f63c40a2949fbef388d63c8dd36586fa1924cfe0dcfff0059cd518164e37fI2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
f51305ad748b63e9f9985d3dda75f74809f8a70c063ddf2482de18720decd1fcThis Metasploit module leverages an unauthenticated credential disclosure vulnerability to execute arbitrary commands on DIR-850L routers as an authenticated user.
cc7df6cd9e0b41f07f8a1a231bb9a9254b142b689a4c11057c1e7752ab535833Debian Linux Security Advisory 4032-1 - Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed GIF, TTF, SVG, TIFF, PCX, JPG or SFW files are processed.
91b123b551f3093d194f4601ae556ce86970e9b2340d8dba3618149467699703Debian Linux Security Advisory 4031-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language.
159d8516272de2855d862fe78cb2d2324f34830b411d45ba56db38fab7edc242Ubuntu Security Notice 3478-2 - USN-3478-1 fixed two vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
56131795db34853861d0fab4f6e44a939d8737a03a90759a8c10c92c4cfa6938Red Hat Security Advisory 2017-3195-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.
1cd0bba4ab91a73d7cce32fc9e3848a3997b76fb2ec465345a830ccdfae8a9b7Red Hat Security Advisory 2017-3194-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.
92d2039ef450cbfdc24f149dcc7b4b56ab1b664b8297c9bffd1ac92804201ae6Ubuntu Security Notice 3478-1 - Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code.
4110b15e29d147493be4523d5ce7d758642b163da3bc0f38eebaf8b8d4cfb359
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed