I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
843345a85e021408e4cbeff8ee94b3842e9c4b5295bef374d5f2026872dae114This Metasploit module exploits a buffer overflow in Dup Scout Enterprise version 10.4.16 by using the import command option to import a specially crafted xml file.
9e66581c3952dd3cb70260f079d2681e43c224c9773b59e41966964f02086b66The Microsoft Surface Hub Keyboard is a wireless keyboard that can be used in combination with the digital whiteboard/collaboration system Microsoft Surface Hub. Due to an insecure implementation of the encrypted data communication, the Microsoft Surface Hub Keyboard is vulnerable to replay attacks with certain restrictions.
8364fa77aadd264937546204517a2bd848213645555137ac544d87e691dc1ac1WordPress Propertyhive plugin version 1.4.14 suffers from a cross site scripting vulnerability.
e4f3af738709f4d07dc057b3c40d44164665ce6277788575343fa5b52e81b87cLibRaw versions prior to 0.18.7 suffer from multiple denial of service vulnerabilities.
6f2fad3f5394bdde7e23e002cd783a40da990ed01f086dd079d4a423604f3b82HPE Security Bulletin HPESBHF03811 1 - Security vulnerabilities have been identified in IMC PLAT 7.3 E0506P03. These vulnerabilities could be remotely exploited to allow unauthenticated command execution, arbitrary file write, and arbitrary file deletion as SYSTEM or root. Revision 1 of this advisory.
d0dffbdd0e7e19b13f6aa82eaf3ded269dd38142a6a47716dd414dd5b9347433Debian Linux Security Advisory 4099-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
7c2c9b17b62aa8ef5565df99acfa5c1edf51b5a9d3b937d6318b6088f4931693Debian Linux Security Advisory 4100-1 - Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code.
1c4ba021a4240c483e1a7e3fc270b43da4c7a10ed66c028077cbdf7272a33c8cUbuntu Security Notice 3529-1 - It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this in combination with another vulnerability, in order to cause unspecified problems. Various other issues were also addressed.
718720eddc43ffd427e0bb22018bf540e10c1d9368bd32c4736cf3bca8bf3ad0Ubuntu Security Notice 3549-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory.
6783ef5d60ebcdb96afbe1c101970db5c549d1aa6fd46874cef70bf326ff5247Debian Linux Security Advisory 4101-1 - It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors/file parsers for IxVeriWave, WCP, JSON, XML, NTP, XMPP and GDB, which could result in denial of dervice or the execution of arbitrary code.
923013791f47f31154325705e177847c00116e212bbec54a1f62af5d52ceeb77System Shield version 5.0.0.136 suffers from a privilege escalation vulnerability.
f626a4f9552099668be23ebb87041f750ded49c5680a8ffbd4970f638156b4aaBMC BladeLogic RSCD Agent version 8.3.00.64 suffers from a windows users disclosure vulnerability.
5995833cc8f492dec87584458463636dea93dbe19e46cb2d7a645ff0909fa614Joomla! Visual Calendar component version 3.1.3 suffers from a remote SQL injection vulnerability.
b63c30a3be5fad7c6687354ff13bfe87760888a3717db786e7e4fd41f9810341LabF nfsAxe version 3.7 TFTP client suffers from a local buffer overflow vulnerability.
b2ab8c63149c71231ff3b1397adcdaa6415b1b9db4923fab52052508bc794d29Joomla! CP Event Calendar component version 3.0.1 suffers from a remote SQL injection vulnerability.
74e35677bb968d8e58f9d0e69cd67ad89b951a036914cc794f2e48c09359b1ceJoomla! Picture Calendar for Joomla component version 3.1.4 suffers from a directory traversal vulnerability.
ddb0e45b904fc04833b2f63cc66c6954f195a4871fcc92ba1fa31de687913419This Microsoft bulletin summary lists an advisory revision increment for ADV180002.
da39f909f3cffd1496186a9e8d619303a0d72a4214c9a7d7af3a04275c837aee
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed