Red Hat Security Advisory 2018-0377-01 - The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector. Security Fix: quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code.
19564a870796b03c596086a31ca552ed1bfc8619aebaf0f87d69796c1a536874
Red Hat Security Advisory 2018-0376-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.4 will be retired as of February 28, 2019, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.4 AMC after February 28, 2019.
82ae71e9b7afe001b6e04f5e91a5f876ae3a264447fc92c08ce079b14f46e273
Red Hat Security Advisory 2018-0378-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploit this flaw to execute arbitrary commands by setting up a malicious FTP server and tricking a user or Ruby application into downloading files with specially crafted names using the Net::FTP module.
92370c4cfd0e580acedb86986981a012e6cb7e8f4c171eee4cd8f3ce7f67abe4
Red Hat Security Advisory 2018-0374-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Ansible Tower helps you scale IT automation, manage complex deployments and speed productivity. Centralize and control your IT infrastructure with a visual dashboard, role-based access control, job scheduling, integrated notifications and graphical inventory management. And Ansible Tower's REST API and CLI make it easy to embed Ansible Tower into existing tools and processes.
1210bbc52fc442407bee237585896be0d4a024d56cd46dc0961f8e58747f5ac3
TestLink Open Source Test Management versions prior to 1.9.17 suffer from an insecure direct object reference.
0910df37fb4c03268b6c09f2acdee5ba8b437d90519a496c092a0421442672d9
Debian Linux Security Advisory 4124-1 - Two vulnerabilities have been found in Solr, a search server based on Lucene, which could result in the execution of arbitrary code or path traversal.
29dc6d7fea2b092e820fc5d1427b083cae139fa26d364a0522fba89aa5887131
AxxonSoft Axxon Next suffers from a directory traversal vulnerability.
d35bb1a5d3f761c3ff0d4cfa73dd81a7c335da6fabac0fea007e4f5814a538e4
Routers2 version 2.24 suffers from a cross site scripting vulnerability.
656c1fd056b23aa3b04843f9ce4f60bf1548dbce63cd318d5904c1fe2e28549e
D-Link DGS-3000-10TC with firmware 2.00.006 suffers from a cross site request forgery vulnerability.
717fd8dd46edd9530a1410930e153f70e4c7a7782e591a4475ba5d12b792139c
Apple iOS version 11.2.5, watchOS version 4.2.2, and tvOS version 11.2.5 bluetoothd memory corruption proof of concept exploit.
5f8953b66fca448151f5a297216335adee4b18b9b5c9dcce6a6c97b8961b820e
Whitepaper called Paraisiting web server process with webshells in permissive environments.
4afa9eda25fe12a978a6d2a45d2b5514b98cca6fd971be9525f63c9fac79cbc5