ZoneMinder version 1.32.3 suffers from a persistent cross site scripting vulnerability.
e94efa7642936ba71bb0743ce4201017616e013258f90a2f172a6f409a8c519d
CiuisCRM version 1.6 suffers from a remote SQL injection vulnerability.
be51038e0706dd6dc4aff4592294f2d56579b86b1996c3d6145005bffe24eba9
Debian Linux Security Advisory 4473-1 - Multiple security issues were found in the rdesktop RDP client, which could result in denial of service and the execution of arbitrary code.
8c78b2006612b15ce35e2d55613451e342d36505cf13b9c7af35b24a67225bf2
WorkSuite PRM version 2.4 suffers from a remote SQL injection vulnerability.
db1e0a50fe88e6acf597749ecdd0ca98cf1a68fec7ff0a0baf78a5ef34b6564a
Ubuntu Security Notice 4041-1 - USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that set up very low SO_SNDBUF values. This update fixes the problem. Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service. Various other issues were also addressed.
38c17aacbb7b32c138b118b5a4022a5ed59168bcf511fb1f084a35b7d0a6e202
Ubuntu Security Notice 4041-2 - USN-4041-1 provided updates for the Linux kernel in Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM. USN-4017-2 fixed vulnerabilities in the Linux kernel. Unfortunately, the update introduced a regression that interfered with networking applications that set up very low SO_SNDBUF values. This update fixes the problem. Various other issues were also addressed.
c7d4a3aaf64ac902122bdf9096c8ee39c4b00b7f851ae0fa3d01c3b2b30e7b7b
There's a task in Windows Task Scheduler called "SilentCleanup" which, while it's executed as Users, automatically runs with elevated privileges. When it runs, it executes the file %windir%\system32\cleanmgr.exe. Since it runs as Users, and we can control user's environment variables, %windir% (normally pointing to C:\Windows) can be changed to point to whatever we want, and it'll run as admin.
58e8c9a2922eb9b32f5e84d467e3b7a8e02cbd89977b2287f299fcfa861a0d71
JS execution inside ScriptForbiddenScope can lead to a use-after-free condition in Google Chrome.
4fc1b906250e6f6a8054f27ecadabf5ff49d66951ffa585578a40731082a91b1
Google Chrome suffers from a use-after-free vulnerability in AudioWorkletGlobalScope::Process.
69c0f2eade7e52a983ec44cfcf350ae8215fde7477f5777ca054bbb2cdd25e60
Debian Linux Security Advisory 4472-1 - It was discovered that Expat, an XML parsing C library, did not properly handle XML input including XML names that contain a large number of colons, potentially resulting in denial of service.
fdaf8b352e1a0724c793ebdb3d309b230cc30c98f3b6142e34bb3151eafef9a5
LibreNMS version 1.46 addhost remote code execution exploit.
e097a34b58d0c2df9716a65556604b2510639df3b7a0b98498f57b52615842f2
129 bytes small Linux/x86 chmod + execute + hide output via /usr/bin/wget shellcode.
d71026b126f921724e16445e34b085a5d7ac0a2d632fd2da03c87d64173716c6
There is a security issue where Google Chrome's PDF plugin is allowed to use the Pepper Socket API. Patches are included in this archive.
ad0eefb7789dc829f60df188dd516da0493ea392c5b128c25d5466f89a05305f
191 bytes small Windows/x86 start iexplore.exe shellcode.
0847049573c193746ea36e43de7fcdafd94e46024c09f28c2f50f959e6cc4353
Red Hat Security Advisory 2019-1626-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.
8b9b8d6cf3822cc19ee197bca2a176146e339b89f859f9e5e5358cb75d1c8c64
Ubuntu Security Notice 4042-1 - It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service, or possibly execute arbitrary code.
8c42095fc6d39595d3a76ea8338a85836c2746512cdbb94767ed708fe9698766
Red Hat Security Advisory 2019-1623-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.
a862b1d7e05af64177914350e809feb8d4aba2124b6e1b3bbfc12c843966458e
Red Hat Security Advisory 2019-1632-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an arbitrary file write vulnerability.
226035287bcd1c0d5089dd0ac15a540d945caf292909d2017b8aa39d1aa1fd1d
Red Hat Security Advisory 2019-1633-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages and images. Issues addressed include an arbitrary file write vulnerability.
e6e8443c43325cc60b6222e6c7230d0d41b7cf0326abd29df0ecf5a18961512c
Red Hat Security Advisory 2019-1624-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.
a32ac12e95b7d4d2133ede322d4ddb074852b0bb68a2a054b2117624ff9845bb
Red Hat Security Advisory 2019-1619-01 - Vim is an updated and improved version of the vi editor. An arbitrary command execution vulnerability was addressed.
9f78b10b162715918d81c097d8a31392be9856d214d5b08414c63816c9ec453d
210 bytes small Windows/x86 bitsadmin download and execute shellcode.
e9d5c3f3eed4ac99877670df0c79846e46237e60811013236f0f91d47c45142a
Linux/x86 ASCII AND, SUB, PUSH, POPAD encoder shellcode.
0f59482898b8c68eff13a6977fa8a7526c9180866f8a667284241beca5475c10
Ubuntu Security Notice 4040-1 - It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service.
251b85a8c68321ea23a55c52e49629c8a3a25fa86fb47f440c3f071922997ed6
Ubuntu Security Notice 4040-2 - USN-4040-1 fixed a vulnerability in expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service.
f1885e6f06f6f2c730d8efe155ac5f1c76f1b005205c7c8535cdc2920730fa9f