Ubuntu Security Notice 2780-2 - USN-2780-1 fixed a vulnerability in the MiniUPnP library in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 15.04. This update provides the corresponding update for Ubuntu 15.10. Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library. Various other issues were also addressed.
b07559135335bcf314f4f89008703d4bc96f9143e02bf9e7d4bb22f1b3335a91
The Realtyna RPL application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Multiple cross site scripting vulnerabilities were also discovered. The issue is triggered when input passed via the multiple parameters is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
047a0c2fea9daff58d424e91c2902c98b106fa3fb893e43fbb2aa3fcf6462fb1
In versions of Mac OS X before 10.11.1, the applescript:// URL scheme is provided, which opens the provided script in the Applescript Editor. Pressing cmd-R in the Editor executes the code without any additional confirmation from the user. By getting the user to press cmd-R in Safari, and by hooking the cmd-key keypress event, a user can be tricked into running arbitrary Applescript code. Gatekeeper should be disabled from Security and Privacy in order to avoid the unidentified Developer prompt.
9ce25e64b927af84c807e90aff34d53a6d9d3e37334d7f8087944eb2e190924f
Realtyna RPL suffers from multiple SQL Injection vulnerabilities. Input passed via multiple POST parameters is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
711cc873d9f03c97d0b1aff0b9423799ea4457bd355199d1d787cb915373136c
Lime Survey versions 2.05 through 2.06+ Build 151014 suffer from arbitrary file download, database access, and php code execution vulnerabilities.
e64f7d819aa7dc537c606c5a35ab89341148e290c54c9d62321a5507095816c5
This proof of concept exploit allows any attack to reboot any CX9020 PLC and add random (Web) users to be configured.
e9c12da930af4ff1905dfad1e33339cdaf3ba7a5fbb4f3b0eb58ec445d1ad02b
Bamboo had a resource that deserialised arbitrary user input without restriction. Attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of Bamboo. To exploit this issue, attackers need to be able to access the Bamboo web interface.
d92d7a7741f8085d106c9c636c2d5147d69c3234f902a1eccb57a0203ec89b96
TeamSpeak Client versions 3.0.18.1 and below suffer from remote code execution, remote file inclusion, and directory traversal vulnerabilities.
0f1f28ec7d178ae2c06e6cef9201c86e88856619c37624414d85b53ac8c1c798
Microsoft Compiled HTML Help remote code execution exploit that downloads a malicious file.
f4dc71da21f607ff9cc2c465a0b85603953ff83391f6e202d6235c9186f0f389
Subrion version 3.x.x suffers from various access control vulnerabilities.
62768949a23bcb01a340e14b69cadd8ee0b7efefabc11cccce4ab1fb165617b6
Red Hat Security Advisory 2015-1929-01 - Ironic provides bare metal provisioning for OpenStack nodes. It was discovered that enabling debug mode in openstack-ironic-discoverd also enables debug mode in the underlying Flask framework. If errors are encountered while Flask is in debug mode, a user experiencing an error may be able to access the debug console. All openstack-ironic-discoverd users are advised to upgrade to these updated packages, which correct this issue.
d840b1f47da288f143473ad18550a3aab494bf1a340c40dda738b33147db375b
Red Hat Security Advisory 2015-1927-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
15536e37a3a34104a1bc1c3bf040fa32fcdb55519d6a55370937d6830cf6d00b
Red Hat Security Advisory 2015-1928-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
8630214eb4aef914d44073d8014ed234523b2760c2a6ebdda2d771bd3c1fadce
Red Hat Security Advisory 2015-1926-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
f8dd846665906a188878d41b7ab5af8500459fa5211f249dc609397075c5644e
Red Hat Security Advisory 2015-1919-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.
61741eff25178d8a836136a28b69a8f3bbcc4ac945d6b0df70d7d90b0952034e
Cisco Security Advisory - A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to reload. The vulnerability is due to improper handling of Internet Security Association and Key Management Protocol (ISAKMP) packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. A successful exploit could allow the attacker to cause an affected system to reload.
7d4c5d946c180d7db530886cb28a882fa6b9283d15f09d4167f604144f2962a9
Cisco Security Advisory - A vulnerability in the DNS code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to reload. The vulnerability is due to improper processing of DNS packets. An attacker could exploit this vulnerability by sending a request to an affected Cisco ASA appliance to cause it to generate a DNS request packet. The attacker would need to spoof the reply packet with a crafted DNS response.
5ee7857505fa994098c9c9e4ce490ca05c88b03d2bf0c2ad43f540c2734e5f58
Cisco Security Advisory - A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device.
3f9de37e2bd0d6154ff3b114a4806263fcf7f098d579b9784472780cdab25a3c
Cisco Security Advisory - A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device.
3cc98d2dc398f7a9e51ff5963ef2b4bfe4df15fb4b805490adacbb8b168d210c
Ubuntu Security Notice 2770-2 - USN-2770-1 fixed vulnerabilities in Oxide in Ubuntu 14.04 LTS and Ubuntu 15.04. This update provides the corresponding updates for Ubuntu 15.10. It was discovered that ContainerNode::parserInsertBefore in Blink would incorrectly proceed with a DOM tree insertion in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions. A use-after-free was discovered in the service worker implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
cc7ff3720ed49e1a8614059f8624fd170ac675d3c067ed96ba831eff2cb7f5c1
Red Hat Security Advisory 2015-1924-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance or potentially execute arbitrary code on the host.
57efea710eb0a005d7e1005b14e3ee253ed6fea58cad65476af25481bb094aab
Red Hat Security Advisory 2015-1925-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance or potentially execute arbitrary code on the host.
34474d4388dd63016e4f02e85c330f5170d5ff26ef1d9a1683efbba058d5b9f2
Red Hat Security Advisory 2015-1923-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance or potentially execute arbitrary code on the host.
f012e9ccacba8f64dd5aab7e0ae3942dd803d745e77056bb3a70aaf782bcb6ef
Red Hat Security Advisory 2015-1920-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.
9ac18bfdf04382d72ffee12d18413d5e56c5159d29a01fbfecafa03341a81c10
Red Hat Security Advisory 2015-1921-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.
14928189fc53248a9ff8eeea22f0708da21860ebd6b0655af037f636a10b3bbf