Asterisk Project Security Advisory - When audio frames are given to the audio transcoding support in Asterisk the number of samples are examined and as part of this a message is output to indicate that no samples are present. A change was done to suppress this message for a particular scenario in which the message was not relevant. This change assumed that information about the origin of a frame will always exist when in reality it may not. This issue presented itself when an RTP packet containing no audio (and thus no samples) was received. In a particular transcoding scenario this audio frame would get turned into a frame with no origin information. If this new frame was then given to the audio transcoding support a crash would occur as no samples and no origin information would be present.
f099af7f927bb32ebabc2ad896ed9ecc6426a574a8666725577cefa49658c9c4
Asterisk Project Security Advisory - When Asterisk sends a re-invite initiating T.38 faxing, and the endpoint responds with a declined media stream a crash will then occur in Asterisk.
bb7ad078a0f3af2b1a5200e64d077cdaa043b5c90eed178634116a901bf0a64c
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
19c4b0b7e49e3622d46f478ce1290c904870d04e5246b89fdd371bc9830c6b2e
This Metasploit module exploits a flaw in the WSReset.exe file associated with the Windows Store. This binary has autoelevate privs, and it will run a binary file contained in a low-privilege registry location. By placing a link to the binary in the registry location, WSReset.exe will launch the binary as a privileged user.
fd4483c2d11523aa133d98cfbc3d2430e4968d51d316ebccfd038998c7d314e9
WordPress Ecpay Logistics For WooCommerce plugin version 1.2.181030 suffers from a cross site scripting vulnerability.
a30bd615c191cf717a1dd3a0ea095375172367c74e0c8e8ebbb5f8e3ee306e7b
Linux/x86 TCP reverse shell 127.0.0.1 nullbyte free shellcode.
329c527166985f21f8066e80dbde39d0834fcb98733657d062bf3926cdfd341f
WordPress API Bearer Auth plugin version 20181229 suffers from a cross site scripting vulnerability.
8675ab0366b6c26fd347c4649b9413d45f92201753b05f00cfa73d625cbe7053
Ubuntu Security Notice 4123-1 - It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write arbitrary files to the filesystem.
44ffd0318bdf890a835ec37bcb33cceb2e69f451205ffb4d30efa27ad9709d7f
Red Hat Security Advisory 2019-2670-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 76.0.3809.132. Issues addressed include a use-after-free vulnerability.
0667ea86b468b9548437d3a42a583a0ff251b19a21e36fb12e3a0bb59e46f4b8
Slackware Security Advisory - New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.
7cc6ffe266b7217ab3a0ff96b53da019f5f366bc4ec9614435fcd33ab00cb588
Red Hat Security Advisory 2019-2587-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include code execution and denial of service vulnerabilities.
89b9f7500052fdb49625bbc8a8734904b10ccb16484d2ad58eaf340ea1707561
Red Hat Security Advisory 2019-2551-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.
fac43b81794eff4c4fde373963bf1874e8dd0198beb61caebbe34b63db1c7df9