Exim version 4.89 suffers from a denial of service vulnerability while parsing the BDAT data header.
06400f3e55ff24c12a728e79c0653462e865d8c5b296a559adff089a0a57f067
Diving Log version 6.0 suffers from an XML external entity injection vulnerability.
d0450eb5a8f82ef2929848b75adb39ccab2685f6239626955cde5507f931229d
A security vulnerability in RSA Authentication Agent API/SDK for C versions 8.5 and 8.6 could potentially lead to authentication bypass in certain limited implementations.
96e44facec66d245517ed5775e0250836be88213983c6ab0a939fbec80c2e1da
A security vulnerability in RSA Authentication Agent for Web for Apache Web Server could potentially lead to authentication bypass. Versions 8.0 and 8.0.1 prior to build 618 are affected.
e809201aa940c6a9c8357406fa7d2d471668ca0e033a43147728363b0bbfc35d
This is the Iceman fork of the Chameleon Mini source code for the firmware. The Chameleon Mini is a versatile contactless smartcard emulator compliant to NFC. A popular hardware revision is the Chameleon Mini rev E - rebooted.
6d43a0f372b8297935c834c2db448e3fc735feda1b2cbedd7cff95edcbe021bb
Ubuntu Security Notice 3477-2 - USN-3477-1 fixed vulnerabilities in Firefox. The update caused search suggestions to not be displayed when performing Google searches from the search bar. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.
9d86fd5032018e790c3b211d4a6351a163087b4a1457ea87bb4f30d6d755a7b4
Ubuntu Security Notice 3495-1 - It was discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code.
9a2b0afb95212034eda457751a8409bd3790121144231c5a778b06133163530a
iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.
582595982431a35d6b5544384918bf51a031a9c773ee746826bacc9afd647b34
Ubuntu Security Notice 3494-1 - It was discovered that XML::LibXML incorrectly handled memory when processing a replaceChild call. A remote attacker could possibly use this issue to execute arbitrary code.
72b732fd3f05827c401246f726f4d428a69a60db0e46fbefe772bb646b472cba
Ubuntu Security Notice 3493-1 - It was discovered that Exim incorrectly handled memory in the ESMTP CHUNKING extension. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.
b682ce23a365c9f0c1a12f999ea8890678e6432dec8406a563bfa963c428342c
Ubuntu Security Notice 3476-2 - USN-3476-1 fixed two vulnerabilities in postgresql-common. This update provides the corresponding update for Ubuntu 12.04 ESM. Dawid Golunski discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
334649fe863d6da15bfb22775417958a6004976a01d7fb36d76466fbe9a48233
CMS Made Simple version 2.1.6 suffers from cross site scripting and server-side template injection vulnerabilities.
6b78c3370b093a9afe1f6852a2f1df3a510d50c437d422d4e858dd8f8493fba3
ZTE ZXDSL 831 suffers from an insecure direct object reference vulnerability.
56ed9803c128c1aed4f617858b3568c7769896b1c746cd91482983cbe371b484
Red Hat Security Advisory 2017-3265-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.
ef0733358f7868bd51e823af67579e4d81acf87a3799ba07337735c84fab869a
Red Hat Security Advisory 2017-3264-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
b9201431909936ea9fd97a7fcd50d51c4350b43fe1f82c552c0ae26c8fd37e75
Red Hat Security Advisory 2017-3263-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application.
c5eab8bf1e060a52f1aeaf4d8be2f3887a32098d9807d9da833a0c80320d986c