System broadcasts by Android OS expose information about the user's device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address. Some of this information (MAC address) is no longer available via APIs on Android 6 and higher, and extra permissions are normally required to access the rest of this information. However, by listening to these broadcasts, any application on the device can capture this information, thus bypassing any permission checks and existing mitigations.
523ebc0e6847c2ff3858fa671185f0aded4e77fd712ecd694c1d059ae8df9760
48 bytes small Linux/MIPS64 execve(/bin/sh) shellcode.
56464e7a0776d9be456888e80242557c4985e57311bdb17c4b598c46c3171748
Eaton Xpert Meter version 13.4.0.10 suffers from an SSH private key disclosure vulnerability.
9202527e403cd306b11b2ac0811f1dc28ab8b48ecd31c595d94593d5a1c8db5b
Micro Focus Security Bulletin MFSBGN03820 1 - A potential vulnerability has been identified in Micro Focus Autopass License Server (APLS) available as part of Micro Focus Hybrid Cloud Management (HCM) containerized suites. The vulnerability could be exploited to allow Remote Code Execution. Revision 1 of this advisory.
2d61619a06d676e06eb6194e9e310405d9af8f5af14deeeb16794a2c247e7989
Micro Focus Security Bulletin MFSBGN03818 1 - A potential vulnerability has been identified in Micro Focus Container Deployment Foundation (CDF) available as part of Micro Focus Operations Bridge containerized suite. The vulnerabilities could be exploited to allow Remote Code Execution. Revision 1 of this advisory.
434ce79168901c4de4e54a19861be652cfb8972f7a11603853db68e982fe5c63
Micro Focus Security Bulletin MFSBGN03815 1 - Potential vulnerabilities have been identified in Micro Focus Autopass License Server (APLS) and Container Deployment Foundation (CDF) available as part of Micro Focus Data Center Automation Containerized (DCA) suite. The vulnerabilities could be exploited to allow remote code execution. Revision 1 of this advisory.
92cc347b87900ab47e8d5d81001d8c92997d43e647ae08e4f7333be8488113dd
Micro Focus Security Bulletin MFSBGN03814 1 - Potential vulnerabilities have been identified in Micro Focus Autopass License Server (APLS) and Container Deployment Foundation (CDF) available as part of Micro Focus Service Management Automation (SMA) containerized suites. The vulnerabilities could be exploited to allow Remote Code Execution. Revision 1 of this advisory.
66bdf24a6c3b8403b98e4f0e593e4e03ee3a86ded9ccc38f3fdaa47ff8bbd894
Micro Focus Security Bulletin MFSBGN03817 1 - A potential vulnerability has been identified in Micro Focus Autopass License Server (APLS) available as part of Micro Focus Operations Bridge containerized suite. The vulnerabilities could be exploited to allow Remote Code Execution. Revision 1 of this advisory.
7f1aa2c2fe10375f9faaed80c930f6ff9cdac79689336fb113ef1592ca2b5365
Micro Focus Security Bulletin MFSBGN03813 1 - Potential vulnerabilities have been identified in Micro Focus Autopass License Server (APLS) and Container Deployment Foundation (CDF) available as part of Micro Focus Network Operations Management (NOM) Suite CDF. The vulnerabilities could be exploited to allow Remote Code Execution. Revision 1 of this advisory.
e0f22b9b84fc8081355ec2a3d521b33a94614093adcf2b9bd77407a8160b1634
Ubuntu Security Notice 3758-2 - USN-3758-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM. Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.
b1d6792129f791160d4e56eab3a21ec99a7b958cec1b84aae3d82f43a420a4d0
Ubuntu Security Notice 3758-1 - Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information. Tobias Stoeckmann discovered that libx11 incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information. It was discovered that libx11 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
bd78445efe37ef2e6022b7e5233dcf492032651e8430f3d4a36415c1e023882c
Red Hat Security Advisory 2018-2602-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include memory vulnerabilities.
f6b54b09c6a2d9f3064c6d9bccdcf343bb3d049d98acdfd1f89cf311ab6000f2
Cisco AnyConnect Secure Mobility Client version 4.6.01099 suffers from a denial of service vulnerability.
c6e0c15d91b91207790a50bd4ffc241b9d7758952646e0f4bb8076175cafe939
Drive Power Manager version 1.10 suffers from a denial of service vulnerability.
3df23975ba0689b6da9947d27de0b824350ced6c6cb57ef0b55c35d494e5195b
Signal on iOS (createGenericPreview) fails to check for unreasonably large images before manipulating received images. This allows a large image sent to a user to exhaust all available memory when the image is displayed, resulting in a forced restart of the device.
4ce0fd326dc93a64974504c4ab0ac1e15d0fa7780f726f470d93cae7645a7678
HD Tune Pro version 5.70 suffers from a denial of service vulnerability.
578549ca9a80f6e1c767fb3aa608e678031207153ea6fb4d907b168213f947c8
The call for papers for the upcoming Hack in The Box Security Conference 2018 in Dubai is now open.
87eb79eeed2134c3b12da6e709cd0ab600a1fb775a4d9d7a002313149b8ae23e
Micro Focus Security Bulletin MFSBGN03812 1 - A potential security vulnerability has been identified in Micro Focus Application Performance Management. The vulnerability could be remotely exploited to allow cross-site tracing and remote disclosure of information. Revision 1 of this advisory.
036ae2ebc4885aadfd00524527301c924ad6d398156ccf5f97b9ecd58df42728
Red Hat Security Advisory 2018-2598-01 - OpenDaylight is a modular open platform for customizing and automating networks of any size and scale. The OpenDaylight Project arose out of the SDN movement, with a clear focus on network programmability. Issues addressed include a denial of service vulnerability.
52b6589c17a7e7105836c225c8116a4c762b274e3e99d888b8f0fa31bcb41619
Red Hat Security Advisory 2018-2603-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include memory vulnerabilities.
3d81e96dde42a990c58ceedf86f6ffc84242f9f9b4c00806585ade31a234b825
Red Hat Security Advisory 2018-2585-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include code execution and information leakage vulnerabilities.
c2f7fbc80a1e3aef3f121319c8acd42c0aa36597f4908da7a0a51c7f2be8bcdd
Ubuntu Security Notice 3757-1 - Hosein Askari discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service.
b86c980fc102c2b2063bceaad5f2650f8a38ec10c0c75e56c27c61a827da3c32
Debian Linux Security Advisory 4281-1 - Several issues were discovered in the Tomcat servlet and JSP engine. They could lead to unauthorized access to protected resources, denial-of-service, or information leak.
604c5094b1c4bc66945081a57708d07c2e803518e043a3487002861f782bc32c
Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to mitigate security issues.
ea856943ce3323e90a62f9f0444ae61a7c2cd21247544d82273f957d98b39be2
Proof of concept exploit that demonstrates a buffer overflow vulnerability in the Intel Management Engine as described in INTEL-SA-00086.
c02278512d883fa36838e5c564099cc4c6de0ef89e106b3e633e796c817b0fda