Ubuntu Security Notice 3968-1 - Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. It was discovered that Sudo did not properly parse the contents of /proc/[pid]/stat when attempting to determine its controlling tty. A local attacker in some configurations could possibly use this to overwrite any file on the filesystem, bypassing intended permissions. Various other issues were also addressed.
d41b10dd2219c1694797bcb7f4beef3a922178c7cf9a1af0fa4fb6292db3efb2
ReadyAPI versions 2.5.0 and 2.6.0 suffer from a remote code execution vulnerability.
6acacde84a473859a86c41b9c5c022b0becee9ea9d1bccb8460793058d3aa773
Ubuntu Security Notice 3967-1 - It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash.
a4664648350146cf5f50d26dcf6ba5a6650a1f5bcce85926d6c7aa0c0d563038
Ubuntu Security Notice 3965-1 - Dhiraj Mishra discovered that aria2 incorrectly stored authentication information. A local attacker could possibly use this issue to obtain credentials.
40dcc8ac374b67c7b85a791b82e2300742a7f0cf707bd67f6a709bfb67a36dbe
Ubuntu Security Notice 3966-1 - It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked.
bc472bc8d95f101ec79ee90aab5dbf93ad0e7fef7ec672cf9a2183bc6071ca6a
Prinect Archive System 2015 release 2.6 suffers from a cross-site scripting vulnerability.
a1f6530c485651823b237a796a243f26c35c4e1e6f0147e5bf4bd437de341654
PHPads version 2.0 based on Pixelledads version 1.0 suffers from a remote SQL injection vulnerability.
8254a17312393c12980857abbe0cf30886d24d83d7aaf2ca66fc463bf9422cff
LG SuperSign EZ CMS, which is built into many LG SuperSign TVs, is prone to a remote code execution vulnerability due to improper parameter handling.
719cb35b5f29605c2fac597184bef744354694f1d49a1c44b137cbb6851a40c2
NSClient++ version 0.5.2.35 suffers from a privilege escalation vulnerability.
62a3b6fc7bd4e42f52edad19bdb6b0e454cf7fdb54b1614abff77a4ff5927ea6
59 bytes small Linux/x86 multiple keys XOR encoder / decoder execve(/bin/sh) shellcode.
f535c1389683c122f2cb79a76398628c16ef71ccc62b96cc600d41025a013199
microASP (Portal+) CMS suffers from a remote SQL injection vulnerability.
f98732df55ffbd048c00da94fa45cea4927f68d3f8e6c8ee08dfc024b4559cd4
72 bytes small Linux/x86 shred file shellcode.
d2c6924adaead208a3b0dc435c7c97695d43eb953acf4b9059c341fc8aa4ec92
Lets Map Your Network is a framework that enables you to visualize your physical network in the form of a graph and look for anomalous changes.
890cba8fc34f8219427fa4039d5112681ff1068aa13b095b320e7f698a79e84b
iOS version 12.1.3 cfprefsd memory corruption exploit.
c1a454b673b9c6b375cf0181560083c3376a36d37bb7bc6fcc390399237cc5d4
Xitami Web Server version 2.5 remote SEH buffer overflow exploit with egghunter.
9266efca799b47f871561d9abe7318234f5774a03d813b9cbf03d84871e49824