Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
39e6293f11ec9f7d38e08f2eb076a436f384c9bb45ce026f60a4154064f6c1e0
ABB Cylon Aspect version 3.07.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the downloadDb.php script is not properly verified before being used to download database files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.
bdeb7b96ce0490816b5aff85c7d91a69137f224971e0d812190f2924733b54d4
Debian Linux Security Advisory 5784-1 - Fabian Vogt reported that the PAM module in oath-toolkit, a collection of components to build one-time password authentication systems, does not safely perform file operations in users's home directories when using the usersfile feature (allowing to place the OTP state in the home directory of the to-be-authenticated user). A local user can take advantage of this flaw for root privilege escalation.
630b245f04eb1a7ff0cfa42251496c38ea3ce7b755c4c145ac3252c552e621aa
Debian Linux Security Advisory 5783-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
d6e973db117eecd0774e6df97f98106f30600a1abd447da40462c767ea65fcb3
Proof of concept code for a flaw in TeamViewer that enables an unprivileged user to load an arbitrary kernel driver into the system.
8e84c906525cb3028d5e2434a5ce1ee9c2d79ef078f6024e17e16888fa959853
Ubuntu Security Notice 7053-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. These vulnerabilities included heap and stack-based buffer overflows, memory leaks, and improper handling of uninitialized values.
c46fa2a8f39b4ff10e8c0dddf0bf320de57a6dc38c9be5fef165226cc363c4a8
Debian Linux Security Advisory 5782-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
6b1995cd75513141f3e03b2f430413db5d1f10bd1835463af1502d9622c439b4
Ubuntu Security Notice 7055-1 - Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypass authentication, and access network devices and services. This update introduces new configuration options called "limit_proxy_state" and "require_message_authenticator" that default to "auto" but should be set to "yes" once all RADIUS devices have been upgraded on a network.
271871d1420a0528a26685e8ce5cbcd406f9ca78469177524e1728fd0cf2771e
MD-Pro version 1.0.76 suffers from remote SQL injection and shell upload vulnerabilities.
b641856919de4d5b0a61bc35a8e30fb6042f78f529af33b52af81ec5d5f73c4e
Computer Laboratory Management System 2024 version 1.0 suffers from a cross site scripting vulnerability.
1fcd86678b2635e2cdd7247396f54562591ba9b9d9952cdb8f0ee3191c2cbf7a
Ubuntu Security Notice 7054-1 - It was discovered that unzip did not properly handle unicode strings under certain circumstances. If a user were tricked into opening a specially crafted zip file, an attacker could possibly use this issue to cause unzip to crash, resulting in a denial of service, or possibly execute arbitrary code.
f929b28b770364cb20cced4b9f7c68ae7cbf43c718918fb91835f47e7343078f
Acronis Cyber Infrastructure version 5.0.1-61 suffers from a cross site request forgery vulnerability.
c2eceedb5e5bb0efa35e17bc56bd524328eb69b0a4975863b7ddd165b1b73695
Vehicle Service Management System version 1.0 suffers from a WYSIWYG code injection vulnerability.
daeb244d9db94e371d9cc2e37a40f07b6ca949b734ea683afcbe95ac4b4ca130
Vehicle Service Management System version 1.0 suffers from a PHP code injection vulnerability.
f9fcf44105743a3a54ea4970cafe882eab97bba4a5694154f79b99123f25e133
Transport Management System version 1.0 suffers from an arbitrary file upload vulnerability.
1cd66e393ca7966dfbaac0ad1a1b3a444b9752a015b512e8517095c91f4717e2
Transport Management System version 1.0 suffers from a PHP code injection vulnerability.
cd5dd78857336257ee61bcf76cd477a9fa12e3c595be519cef024af5bed57cdb
ManageEngine ADManager version 7183 suffers from a password hash disclosure vulnerability.
ddade0c8d44290aca9a54f0c1621504614026325fdfa745fc4d9c008c6feca03
A condition exists when fastrpc_mmap_create creates a new globally visible mapping that can lead to a use-after-free.
f676785fdf4478de819b5665c9ba33c67535e75932f2e0c3889dcb7a0811f410
An incorrect searching algorithm in fastrpc_mmap_find can lead to kernel address space information leaks.
46fa1c601050810eb66a262de97a8b9a9dbe879e08b68141820f5aeffa5d1da5
There appears to be some (possibly deprecated) code associated with AF_QIPCRTR sockets in bpf_service.c. Within this file are some ioctl handlers - e.g. qrtr_bpf_filter_attach and qrtr_bpf_filter_detach. In the case of qrtr_bpf_filter_detach, the global pointer bpf_filter is fetched and freed while only holding a socket lock (and an irrelevant rcu_read_lock) - this may lead directly to double frees or use-after-free (kernel memory corruption) if a malicious user is able to call the QRTR_DETTACH_BPF ioctl on multiple AF_QIPCRTR sockets at once. Based on Android SELinux files, it appears this may be possible from some lower-privileged vendor and HAL services.
9a1258e6adb1b608d6d8bf4e2c0f15fb713920d26890f57e49ad4ff67b1e99c1
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
acbb05776668657012273be9bb3310e3140b79959aa4538e4cca8d30d40c0b8f
Ubuntu Security Notice 7021-4 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
f5bd65d2898e9829d211a6a95b234a34eb25f17b8ac37caf94966dce73810534
Debian Linux Security Advisory 5781-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
1ef039858c6f77289a0121b0f10830b4ab7779904de169e39eb4e8d6420d6fe6
Acronis Cyber Infrastructure (ACI) is an IT infrastructure solution that provides storage, compute, and network resources. Businesses and Service Providers are using it for data storage, backup storage, creating and managing virtual machines and software-defined networks, running cloud-native applications in production environments. This Metasploit module exploits a default password vulnerability in ACI which allow an attacker to access the ACI PostgreSQL database and gain administrative access to the ACI Web Portal. This opens the door for the attacker to upload SSH keys that enables root access to the appliance/server. This attack can be remotely executed over the WAN as long as the PostgreSQL and SSH services are exposed to the outside world. ACI versions 5.0 before build 5.0.1-61, 5.1 before build 5.1.1-71, 5.2 before build 5.2.1-69, 5.3 before build 5.3.1-53, and 5.4 before build 5.4.4-132 are vulnerable.
07990b1f6994d1629f554b31888e1fa6a36fccc954738c75a95e2ac86e270498
dizqueTV version 1.5.3 suffers from a remote code execution vulnerability.
b18cb14167c97952ef1684789d6a48b83e5c1338a0677edc0b3eaef195497b45