Binance version 1.5.0 suffers from an insecure file permission vulnerability.
0ba40ef38f7c377b34843572406e4fa76e67e64496e66eefba5e463e61a79b4aHomeMatic Zentrale CCU2 suffers from an unauthenticated remote code execution vulnerability.
b4f6a0c88899f62f3f28993af5b88a42122c638c13259600aa79b07025590e42Ubuntu Security Notice 3717-2 - USN-3717-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PolicyKit incorrectly handled certain duplicate action IDs. A local attacker could use this issue to cause PolicyKit to crash, resulting in a denial of service, or possibly escalate privileges. Various other issues were also addressed.
0e50fe8144849a5cdb19a5c84bfb390d531f53793544abd196d8c4665d9109c3Red Hat Security Advisory 2018-2216-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
3dc70edca078d389b1c668dd81872c380a57b2d0c376028b81cd29fabc95e7afDebian Linux Security Advisory 4247-1 - A timing attack was discovered in the function for CSRF token validation of the "Ruby rack protection" framework.
8190086dbd6a857b5e5b9fbeaf2d2e2876e63e54e53d615d5e4fb5c4ce3cedd6Gentoo Linux Security Advisory 201807-1 - A vulnerability in tqdm could allow remote attackers to execute arbitrary code. Versions less than 4.23.3 are affected.
c2ff1c9645129cc635094a7ab18992e5a9294b30111d5694e55fa9ab84f5b797Slackware Security Advisory - New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
036969020dfa214fb88dfbf1b119f2eedc77ece499f7bc5e881cdf1b874f5f11Debian Linux Security Advisory 4249-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
bc817a1ba32502d64e44e0e7934bd20d5286ef7fe74125516251f3732335d796Debian Linux Security Advisory 4248-1 - Multiple vulnerabilities have been discovered in various parsers of Blender, a 3D modeller/ renderer. Malformed .blend model files and malformed multimedia files (AVI, BMP, HDR, CIN, IRIS, PNG, TIFF) may result in the execution of arbitrary code.
fea67846780c697b0fe1ace22ae0158ab68f7f1e777a3b34e3b13d1bd4e24e80Doorkeeper versions 4.2.0 through 4.3.2 and 5.0.0.rc1 suffer from a token revocation vulnerability.
08ac87e1b829431db9b341f770173cc5f495a8851d19ff3fee5a5def79fd3e39TP-Link Archer C2 router version 3.0 suffers from a remote code execution vulnerability.
a0e5aedad6b9c69fff87c8273ec4601ef3d05652bffa16e3abb3c7a3060d09e6This Metasploit module exploits a command injection vulnerability in the change_passwd API method within the web interface of QNAP Q'Center virtual appliance versions prior to 1.7.1083. The vulnerability allows the 'admin' privileged user account to execute arbitrary commands as the 'admin' operating system user. Valid credentials for the 'admin' user account are required, however, this module also exploits a separate password disclosure issue which allows any authenticated user to view the password set for the 'admin' user during first install. This Metasploit module has been tested successfully on QNAP Q'Center appliance version 1.6.1075.
2512d7b1edc015bac56416ba2dcdd6270221ff0334fb6e455fe43015d981b8baThis Metasploit module takes advantage of miner remote manager APIs to exploit an remote code execution vulnerability.
0ca07392f09cf7f9e00d05b5a58fc620e9f3f2ac9626ff815c38cd1ad9c63d14Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
85346b4d026e6a041c8e326d2cc64b5f5361b032075c89c5854f16dbc02fce6fGnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
1936eb64f03aaefd6eb16cef0567457777618573826b94d03376bb6a4afadc44
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed