Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
5f3e62dec417873d80984702db0e07efUbuntu Security Notice 3765-2 - USN-3765-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.
046498323331b3221476fc8637909661Ubuntu Security Notice 3765-1 - It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.
a456fd55f32a80ce8985878450202aa9Apple Security Advisory 2018-9-17-1 - iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.
94c7b08f05542c1e82ef6e458f60b472Netis ADSL Router DL4322D RTK version 2.1.1 suffers from a cross site scripting vulnerability.
12aae5ac0de569dbe6de71140188df41Oracle VirtualBox Manager version 5.2.18 r124319 suffers from a denial of service vulnerability.
31a4605233cf56d13a93b6d69953aff1Debian Linux Security Advisory 4295-1 - safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.
c01b31084c3ffcfaf809a853f36ca1f8Ubuntu Security Notice 3761-3 - USN-3761-1 fixed vulnerabilities in Firefox. The update caused several regressions affecting spellchecker dictionaries and search engines, which were partially fixed by USN-3761-2. This update contains the remaining fix. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. It was discovered that if a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. Various other issues were also addressed.
6d86615e6427f6c484cd9030a34da1d7Oracle WebCenter Interaction version 10.3.3 suffers from cross site request forgery, cross site scripting, denial of service, and various other vulnerabilities.
ad870b83464d9a944075001fc18b75fbDebian Linux Security Advisory 4294-1 - Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).
5536e1e864054d6f82660441d74f9e19XAMPP Control Panel version 3.2.2 suffers from a denial of service vulnerability.
298409b830a2b581d6026399a1e90cd1Debian Linux Security Advisory 4293-1 - Several heap buffer overflows were found in discount, an implementation of the Markdown markup language, that could be triggered witth specially crafted Markdown data and would cause discount to read past the end of internal buffers.
4421b9685d73866006c16d1c98ab0cb1Debian Linux Security Advisory 4273-2 - This update ships updated CPU microcode for additional models of Intel CPUs which were not yet covered by the Intel microcode update released as DSA-4273-1 (and thus provides SSBD support (needed to address "Spectre v4") and fixes for "Spectre v3a")).
8d3bff6c7eba959568a9bbd92b2ec137Joomla JCK Editor version 6.4.4 suffers from a remote SQL injection vulnerability.
bb4dcc781bf8291fcb89bca0e79c2be7Netis ADSL Router DL43 versions 22D RKS 2.1.1 suffers from a denial of service vulnerability.
6bb1a3809fa9cb489d69729e5a78fdfd
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed