I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
5df27a8123a0bb60caa952e119929b41This Metasploit module exploits a buffer overflow in Dup Scout Enterprise version 10.4.16 by using the import command option to import a specially crafted xml file.
3c239cd0ae1f2f80ccc8d0c47c009097The Microsoft Surface Hub Keyboard is a wireless keyboard that can be used in combination with the digital whiteboard/collaboration system Microsoft Surface Hub. Due to an insecure implementation of the encrypted data communication, the Microsoft Surface Hub Keyboard is vulnerable to replay attacks with certain restrictions.
514b6aba1a5ec8c2a7181198929fe797WordPress Propertyhive plugin version 1.4.14 suffers from a cross site scripting vulnerability.
afdcbe34b23f34d657b3c94c76c5b535LibRaw versions prior to 0.18.7 suffer from multiple denial of service vulnerabilities.
b283e74d224414b0827be3033367a3d3HP Security Bulletin HPESBHF03811 1 - Security vulnerabilities have been identified in IMC PLAT 7.3 E0506P03. These vulnerabilities could be remotely exploited to allow unauthenticated command execution, arbitrary file write, and arbitrary file deletion as SYSTEM or root. Revision 1 of this advisory.
f8ddcb4213111204018146ba685c2fedDebian Linux Security Advisory 4099-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
adf3cc44326c3b83c8759ac8fb7f44e1Debian Linux Security Advisory 4100-1 - Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code.
2b39be77676f508096d3ffa9c0eaacfcUbuntu Security Notice 3529-1 - It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this in combination with another vulnerability, in order to cause unspecified problems. Various other issues were also addressed.
d84c99d87e33bb182108e9d20d529f0fUbuntu Security Notice 3549-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory.
e351d3919427f019b452313752353804Debian Linux Security Advisory 4101-1 - It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors/file parsers for IxVeriWave, WCP, JSON, XML, NTP, XMPP and GDB, which could result in denial of dervice or the execution of arbitrary code.
8fb0c47086134cf340ae4da983ceabd8System Shield version 5.0.0.136 suffers from a privilege escalation vulnerability.
4a8fd608e34422f5a3a92d606918f600BMC BladeLogic RSCD Agent version 8.3.00.64 suffers from a windows users disclosure vulnerability.
9a5bc055f019f7c0dbca70e7a76dd801Joomla! Visual Calendar component version 3.1.3 suffers from a remote SQL injection vulnerability.
cecf1fcd729c3fd1fae4bbc0174532c7LabF nfsAxe version 3.7 TFTP client suffers from a local buffer overflow vulnerability.
5b6eae06992b1e16f8467ad283643cc2Joomla! CP Event Calendar component version 3.0.1 suffers from a remote SQL injection vulnerability.
3f91b2abacae96e39d93cd8388c32208Joomla! Picture Calendar for Joomla component version 3.1.4 suffers from a directory traversal vulnerability.
ac5dc4cbe5ea75700be479573c5d43b2This Microsoft bulletin summary lists an advisory revision increment for ADV180002.
7cbbc88fd42c12ff567f00af6c0b837a
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed