Debian Linux Security Advisory 3723-1 - Chris Evans discovered that the GStreamer 1.0 plugin used to decode files in the FLIC format allowed execution of arbitrary code.
1d94de5f108a641a7b5e9dbc3bb7d8da7246df577309dc403eabaf566072824b
Debian Linux Security Advisory 3724-1 - Chris Evans discovered that the GStreamer 0.10 plugin used to decode files in the FLIC format allowed execution of arbitrary code.
8ff0cf57f3b3288f0d4eeb96051a5dfc1fb32ac32bbcb923eced76c5d2f39456
WordPress Image Gallery plugin version 1.9.65 suffers from a persistent cross-site scripting vulnerability.
0bb0d94ef5393df1da4ec3d3dd81c9738261921d4c15cfd9d9d4d0d680c19feb
Ubuntu Security Notice 3137-1 - It was discovered that MoinMoin did not properly sanitize certain inputs, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
5dc21582c4e5438359f7e9cbf7f3f1a05d7d569e8fb102ddc0de309ed17acf4c
Ubuntu Security Notice 3136-1 - Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container.
fa5f78b6a71df95c1a351871bfca0a6692f9f30f599849d1fa869ef3197ddce9
Docker versions 1.11.2 and below suffer from an issue where a forged VXLAN packet can be leveraged to scan services that are not exposed.
a4e4a57ace4ef27819179237d6afd95b851a2dcb97baf0583bc8133f4f80246a
GNU wget versions 1.17 and earlier, when used in mirroring/recursive mode, are affected by a race condition vulnerability that might allow remote attackers to bypass intended wget access list restrictions specified with the -A parameter. This might allow attackers to place malicious/restricted files onto the system. Depending on the application / download directory, this could potentially lead to other vulnerabilities such as code execution, etc.
c9c7cf1f94f2e1d07833e7d43576bff9a1066ace4df75ff0824c5188b1e5e8fe
HP Security Bulletin HPSBHF03673 1 - Security vulnerabilities in MD5 message digest algorithm and RC4 ciphersuite could potentially impact HPE Comware 5 and Comware 7 network products using SSL/TLS. These vulnerabilities could be exploited remotely to conduct spoofing attacks and plaintext recovery attacks resulting in disclosure of information. Revision 1 of this advisory.
602636acd9eb352dc892bc1bded1cab28642c3e6645b73e0d9f61fe6df4d7dd2
JBoss EAP's JMX Invoker Servlet is exposed by default on port 8080/TCP. The communication employs serialized Java objects, encapsulated in HTTP requests and responses. The server deserializes these objects without checking the object type. This behavior can be exploited to cause a denial of service and potentially execute arbitrary code.
1402dee1010d43d2904c61bd152231b878698f6ba49611de5845ac70f3bc4052
SySS GmbH found out that the 125 kHz RFID technology used by the EASY HOME MAS-S01-09 wireless alarm system has no protection by means of authentication against rogue/cloned RFID tokens. The information stored on the used RFID tokens can be read easily in a very short time from distances up to 1 meter, depending on the used RFID reader. A working cloned RFID token is ready for use within a couple of seconds using freely available tools.
f2b5958d04f9bcacb801da8a3f95c98a49142000d47cd1feadd0ebc033c088f0
Due to an insecure implementation of the used 868 MHz radio communication, the wireless alarm system Blaupunkt Smart GSM Alarm SA 2500 Kit is vulnerable to replay attacks.
4a74349e30018d4eadb03382d40421e1c607aee428fa11c9c661fca820e654b2
Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to replay attacks.
b19e73ae566f67141fff01b385e124ffe916d02b99d2f4b1eb6581a9331a10b9
Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to brute-force attacks.
a33d718d22481da6180fc9af25a09eb7609ae79013ec68a0eb5bd6fddea35071
VMware Security Advisory 2016-0022 - VMware vCenter Server, vSphere Client, and vRealize Automation updates address information disclosure vulnerabilities.
2eb92731937c7a5f68f3b95bc7e5f57ed0efd31f7f258f98f7bf28685a4a7363
UCanCode has ActiveX vulnerabilities which allow for remote code execution and denial of service attacks.
ab4bfbe01de8884e92fde956506ce90ff8b75920f8923dace877792e43cd3b3b
VMware Security Advisory 2016-0021 - VMware product updates address partial information disclosure vulnerability.
d9372685bd6c303cf6ae449efe2efe58514a7dbbadea4f0e2ab2d3978136abf0
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
f5cd8522d591a0dd1ba1a51efe38a2cf35711c545c26210022790e8d6241ce45
FireHOL is a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
89726c52dece93dfee0c409aba6bbbf3c5eb1b6f1352a6d7e18e3810d01951da
This Metasploit module attempts to exploit a netfilter bug on Linux kernels before 4.6.3, and currently only works against Ubuntu 16.04 (not 16.04.1) with kernel 4.4.0-21-generic. Several conditions have to be met for successful exploitation.
bf300c0c899733b435995c0ef2a36f7a7f24b72ea483dc9898f85b794dba5bc8
Linux kernel versions 2.6.10 up to but not including 2.6.31.5 pipe.c privilege escalation exploit.
75d9acb7f4a5e730359a428a3f8ffeafa457fd42af8d7374f068563ad3b0968d
Linux kernel version 2.6.32-rc1 x86_64 register leak proof of concept code.
b1b558c35419a8907982c5211fe3a645007a4ed810c911987941600803db3d08
Linux kernel version 2.6.18 suffers from a move_pages() information leak vulnerability.
c05fdfd283ea5558f5b2b11b7f21af43ae4f388bc69af29cd4cfce64f3668c24
Olympia Protect 9061 article number 5943 revision 03 suffers from missing protection against replay attacks.
b73813379c9c7ae3a3ca7625ea543b01df7c00b2718c1c9ba66959c0c4a4ff2d
EASY HOME Alarmanlagen-Set MAS-S01-09 suffers from missing protection against replay attacks.
aa11c4d5d771f9d150ecfead9f82a16873ca84a8146387dc50c052e29720ecb1
A specially crafted web page can cause the Blink rendering engine used by Google Chrome and Chromium to continue to use a speech recognition API object after the memory block that contained the object has been freed. An attacker can force the code to read a pointer from the freed memory and use this to call a function, allowing arbitrary code execution. Google Chrome version 39.0 is affected.
55331823f8dfff200255c77a7bbd5aa302935b3af6f4e3f1ef14fc56b9da6164