Debian Linux Security Advisory 4089-1 - Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server implementation, was improperly sequencing cleanup operations, leading in some cases to a use-after-free error, triggering an assertion failure and crash in named.
0c69bcf7934d353be84dd3513394cfaf38689473248e38e85c9a036421992e79LiveZilla version 7.0.6.0 suffers from a cross site scripting vulnerability in knowledgebase.php.
4123b57a408430d9249838b1a4ae8f14da6d20ffb227b799b096b1482f160815D-Link DSL-2640R unauthenticated remote DNS changing exploit.
fcf1c058c56aff2d7e56ad50294fec707d5ee83dd7dac74d7357c0d3cd4671d6Zenario CMS version 7.6 suffers from a remote SQL injection vulnerability.
254165a73aa58032c1f8aeabc84cd8c0edd3662e557257997b18baa0c5e92fb8Synology Photo Station versions 6.8.2-3461 and below suffer from a SYNOPHOTO_Flickr_MultiUpload race condition file write remote code execution vulnerability.
2f259ecca560d8014c959bb9ecb4e0989aae98571abf14acaab1188b34ec89c8Seagate Personal Cloud suffers from multiple command injection vulnerabilities.
2a336eda64120c4d115233d9b3f5e7d5b8d216683a2d574817c4246464990a07Red Hat Security Advisory 2018-0092-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. CloudForms virtual machines include a copy of the Linux Kernel. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited.
7a4ffd4eb32a5fe889b0ec82c2243818bfbd347db5909195b299bdd391d2f060Ubuntu Security Notice 3533-1 - It was discovered that Transmission incorrectly handled certain POST requests to the RPC server and allowed DNS rebinding attack. An attacker could possibly use this issue to execute arbitrary code.
acafefa36c4ffa9edf95a882b03d4dea109bd3bd0a12db6b101eb13462e2a07bDebian Linux Security Advisory 4088-1 - It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened.
13477c4273bddbec03663698490c99accd7d776714c9323756b062bc5ce887a4Ubuntu Security Notice 3532-1 - It was discovered that GDK-PixBuf incorrectly handled certain gif images. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Ariel Zelivansky discovered that GDK-PixBuf incorrectly handled certain images. An attacker could use this to cause a denial of service. Various other issues were also addressed.
48fc0affae45f86677383560b579d812b01f35ba7cf67e43a1cc7c2b83b12dcbRed Hat Security Advisory 2018-0091-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. CloudForms virtual machines include a copy of the Linux Kernel. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited.
41bb0b2789f0de895179e22f5044227d625660adf6b2b2e07b2ee4e1b170e550Red Hat Security Advisory 2018-0090-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. CloudForms virtual machines include a copy of the Linux Kernel. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited.
010667c3b7863c2f0122fdf3b160aebc8a6ff0c42484368839c19508a927712fRed Hat Security Advisory 2018-0089-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. CloudForms virtual machines include a copy of the Linux Kernel. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited.
c1fef22dd6d55f20d79f6dba7de279e636d1f17518ded4f6dd451aa3c09cb4c9Neon version 1.6.14 for iOS fails to validate SSL certificates.
0455162fadf4be53b7ece4643e0c17f957bb14c64a2dbe1ef81617f8316086c0ASUSWRT versions 3.0.0.4.382.18495 and below suffer from predictable session tokens, failed IP validation, plain text password storage, and information disclosure vulnerabilities.
bd23232ee99e738d3f84b1fd3f3d388227c546aff375b18addd0d8e6dc43e90f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed