ZineBasic version 1.1 suffers from a file disclosure vulnerability.
06b86484883fae23c8361309d9226646bad9cb8fbabb56cbe1ca5a708ff912f7
SMB implementations in EMC Celerra, VNX1, VNX2 and VNXe are affected by an NTLM authentication weak nonce vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC VNX2 File OE versions prior to 8.1.9.155, EMC VNX1 File OE versions prior to 7.1.80.3, and all supported versions of EMC VNXe and EMC Celerra are affected.
08ed8e4a761485bceed652d21bc81e6e6db8c003e56286859791cdecfbecddeb
Ubuntu Security Notice 3084-4 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.
3c2fbb7ec5c9ed6f368b4db7d0df2b27e18e1ee5e86cfdd96175561cf787c59c
Ubuntu Security Notice 3084-3 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.
b1527fd478908508ae69451d220c65cad25079f213acdfc0704d763143b2bf13
Ubuntu Security Notice 3084-2 - USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. Various other issues were also addressed.
d6dd8214eb90ce6f3ecb544516d1c2c9da3a9a47fcaecf9f470de1dad4cd6f92
Ubuntu Security Notice 3084-1 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.
041db440f69287cf86d0d560304f9cc2ad2db1bde818b1fd1fe14913043891c1
Ubuntu Security Notice 3083-1 - Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed when handling heartbeat-timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
52eab0418053602603e73f209e3485a85f8d0aa24f7c884e3f1b8270ed05f0b4
Ubuntu Security Notice 3082-1 - Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM had incomplete access checks for epoll_wait and semtimedop. A local attacker could use this to possibly execute arbitrary code.
78480af0d32b0fa86f7245b2313c33bd6ea5a6d3271d63257a89bde3551eeab7
Ubuntu Security Notice 3083-2 - USN-3083-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
652cd80153f903b94a35a79406720a21993e90e76a9a9d24eecb192b752aa471
Ubuntu Security Notice 3082-2 - Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM had incomplete access checks for epoll_wait and semtimedop. A local attacker could use this to possibly execute arbitrary code.
f1feea8469491b747927e478e26065a5bed1b7be3659ba44a7b964e4ea9682da
Ubuntu Security Notice 3081-1 - Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. This update also reverts a change in behavior introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.
675f6057a1c1f0a39c448e746d1b909c252d28c8cb0a684b52fd7a96408910f7
WordPress Neosense theme version 1.7 suffers from a remote shell upload vulnerability.
483336d59b67f8d8d195f34a5ff3040d94a360e52713228620ce4ef924c1d190
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 7.3 contain fixes for multiple vulnerabilities that could potentially allow malicious users to compromise Avamar clients and servers. They include improper authentication, improper encryption, privilege escalation, and command injection vulnerabilities.
5a4bc9d5cbfb3e7fe1be98e04086dfe29c1b721203749f2c75bd95a4099bc49e
ShoreTel Connect ONSITE versions 20.xx.xxxx.x and 21.xx.xxxx.x up to 21.79.4311.0 suffer from an unauthenticated remote blind SQL injection vulnerability.
5fe02891997443ded0a53a2ce816960a4a202cd2c141c914b517d4e640ef0545
EKG Gadu versions 1 through 1.9~pre+r2855-3+b1 suffer from a local buffer overflow vulnerability.
aff59676a07ff154fa771cc294cbe56e8183978dc06b3dd5415de1f85a85f11e
MetInfo version 3.0 suffers from a remote SQL injection vulnerability.
80cb6eb5667364f3286bbb37f303a6416c133be7473e6f3e36d2d33b71b91b40
CodeCanyon iBilling version 2.4 suffers from a cross-site scripting vulnerability.
d41d9e15c4377e6843aa40aa225587fee960487ca541dcbc3aa1522e730879d7
ECShop version 2.7.2 suffers from an open redirection vulnerability.
e2a2b9bda2e63613dc12ca1dac19cb1a78d027e42940469e7b036872f2a9c921
Coupon CMS version 5.00 suffers from an open redirection vulnerability.
5599af4764b8c21fc79507d31150a23d50bc62d02d88da4c361685c6f38e5470
VMware Workstation vprintproxy.exe suffers from multiple memory corruption issues and other crashes in the handling of JPEG2000 images.
edd5397d8b520f00253f4f9311dff71b9765d0e2c44fa145e57518fe92c73758
VMware Workstation vprintproxy.exe suffers from a double-free in the handling of EMF (EMR_SMALLTEXTOUT record).
e6eac7c024a8a3b3788360713d4b8f38aa43580e461b5cbd18a110c2d2f297c5
VMware Workstation vprintproxy.exe suffers from a heap buffer overflow vulnerability in the handling of TrueType NAME tables.
1d5414c24aa6efa04b7bd1a2dd19dca752085107658d72d462362ffb0de5eceb
ComActivity version 2.14.35 suffers from a cross-site scripting vulnerability.
811f05821587559d1d5b5dfda3115d93ba677e4524b0e3cfec7d39332bac3a40