Abyss Web Server versions prior to 2.11.6 suffer from a memory heap corruption vulnerability.
dae523bbc55ad0bfb91d5589960ec218c652ecff3a14d287dccc019acec802b4Ubuntu Security Notice 3490-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing-like context, an attacker could potentially exploit these to bypass same-origin restrictions, cause a denial of service via application crash, or execute arbitrary code.
8865834d048308c75d460b35d2d88a91e987a3fa7a626ec895c16af3fd6a09fdArtica Web Proxy version 3.06.112216 suffers from a remote code execution vulnerability.
999d53685927c8185bb6eec7715c6063c4efdb9165c561921a3cf9e21da22aa8MistServer version 2.12 suffers from a persistent cross site scripting vulnerability.
7e1d760031b967b3ff9794c2ea823970ed269df7706f78a82ecac79f44240d6aVulnerabilities in Symantec Encryption Desktop and Endpoint Encryption allow an attacker to attain arbitrary hard disk read and write access at sector level, and subsequently infect the target and gain low level persistence (MBR/VBR). They also allow the attacker to execute code in the context of the built-in SYSTEM user account, without requiring a reboot.
c552a0d5a2f17481d112b351045fec72aa1777dac0c1e90c745138d741a25e68SocuSoft Co. Photo 2 Video Converter Free and Pro variants version 8.0.0 suffer from a buffer overflow in the pdmlog.dll library.
3fd31bbd67b180c246f9cd03a3612bab55a00be62eb13be5e16f3cbc67cc5f37Axis Communications MPQT/PACS suffers from heap overflow and information leakage vulnerabilities.
5c70ff5167b04f198b52c0dc3f8309937d69063f123eca02784c45bea1eb2e02NorthSec 2018 has announced its Call For Papers. It will be held in Montreal, Canada, from May 14th through the 20th, 2018.
3907a2d89873da07b04bdce43816d94ce59b2aee0f3b79248ec82a7e52be59b1Apple Security Advisory 2017-11-29-2 - An attacker may be able to bypass administrator authentication without supplying the administrator's password Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
d1caeb89bf3189579b272d84f58ff120543420c9d279bc6f03bbd20691276039Ubuntu Security Notice 3477-3 - USN-3477-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.
3a399722a8fed6b27405ec5f9c9112bdb399c08de54e945ba0f23e69c02ebbfcCEMLink 6 suffers from having unrestricted WSDL service access and a weak mechanism for password storage.
c9b665e21f50fb018ba7b84be3b0b77cb474ba53d2b15c7fe96199acc856aa14Apple Security Advisory 2017-11-29-1 - An attacker may be able to bypass administrator authentication without supplying the administrator's password. A logic error existed in the validation of credentials. This was addressed with improved credential validation. suffers from a bypass vulnerability.
f4201e73331165b83356487e95a29618e9ff1f2c9a834f1343b9b62ace030047aws-cfn-bootstrap versions prior to 1.4-22.14 suffer from a local code execution vulnerability.
e55f000394534026ef308ace6b8be3431f31512efa0ee6f2a2ffa1222ab1e1d5Digital Whisper Electronic Magazine issue 89. Written in Hebrew.
cca80d0b123a188e8fc477443267950b81c859178401e4de4220e5e15ed69b06Cisco has released an advisory detailing code execution, out of bounds, and denial of service vulnerabilities in the WebEx Network Recording Player.
933e82144bff1553d310fc0e1a83961cada366eaac209dc3750e70b91843bdd0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed