Ubuntu Security Notice 3212-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
50e2487e59c9fd362a115544695941590f358ca4f554cabb42c9b3cff485021fDebian Linux Security Advisory 3795-1 - It was discovered that a maliciously crafted query can cause ISC's BIND DNS server (named) to crash if both Response Policy Zones (RPZ) and DNS64 (a bridge between IPv4 and IPv6 networks) are enabled. It is uncommon for both of these options to be used in combination, so very few systems will be affected by this problem in practice.
86e40195616d99aac19e9800de1e3dbfa600b0a1ee60a80c689b1662a783f93fSAP BusinessObjects Financial Consolidation version 10.0.0.1933 suffers from a cross site scripting vulnerability in the help component.
e1c3b280b616f49203e631b097d8452366c1bc1d167923df6eaec5b44d8621daWordPress Kama Click Counter plugin version 3.4.9 suffers from a remote blind SQL injection vulnerability.
7b5ef69b6b97a43db2c22b7c986ab5c6708c891ad419e225062136d32fcbf4b2Red Hat Security Advisory 2017-0334-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
19cced191afef3410b94196b2ef1b52ee122bd2e34310aaf3c54a2109af588e2Red Hat Security Advisory 2017-0333-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
87c6c0f2fe3882e45e94520339d1408a8bcc62bfc6cb48d0e5931e52b28d061bESET Endpoint Antivirus 6 suffers from a remote code execution vulnerability.
c7701e850775921c290fab971ba6e9f9e2bc42bce5530df9fb4a6cf9cb8f8a41Red Hat Security Advisory 2017-0332-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
75490a619fdefa36d765ede85fb3ad58f67c9631556867e798021ad603823ca1Red Hat Security Advisory 2017-0331-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
0acf2f8908dd3892824436c90c9757cd4da8d96f065bc500c9e67e0610a3962eRed Hat Security Advisory 2017-0330-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
9c9890d5ca9655e409fe594122627306cc391b40e722fce39ebb4f82ee35ca7bRed Hat Security Advisory 2017-0329-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
b95ace6e48e4ac1b3a9c696093a41ac063fb080d5db4ed1d037b3ba1b7a4d5d8Red Hat Security Advisory 2017-0328-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
49ddd681333c8721ff75b494a6ec7b0b3f313420c821430e606b93ae2a083c2bLinux kernel version 4.4.0 (Ubuntu) DCCP double-free crash denial of service proof of concept exploit.
a0f4f346bb3922a65ad83f6434b6f4f0bf3fb14dd45ace78225df3ddb92a4015Whitepaper called RSA Asymmetric Polymorphic Shellcode. It discusses how to encrypt and decrypt the opcodes of the shellcode, how the program that decrypts the shellcode was built and how to get the opcodes, and much more.
93368309eca8761ef79917d500ffd5c90f21a2efe3f616c0bb717388b4aa75c5Joomla OneVote! component version 1.0 suffers from a remote SQL injection vulnerability.
a3424bc63b59d7ea87dc4f5ce330ff870f2d207997230c9c2450b24f00af5f01Linux Kernel version 4.4.0 (Ubuntu) DCCP double-free privilege escalation exploit that includes a semi-reliable SMAP/SMEP bypass.
d95a6320998d1c07f0dc742ce98f62afafaa9089380d2236114f837209858df1Netgear DGN2200 versions 1, 2, 3, and 4 suffer from a non-administrative authenticated remote command execution vulnerability via dnslookup.cgi.
99c9ae06ec4806b61f395324ca46e61fb502eec55131c4cf088ceadb4d9636e2130 bytes small Windows x86 executable directory search shellcode.
289f151f310b5a7ce7f47a8d8cc040ffad05113b3db0878ece68f355b071948f54 bytes small Linux x86_64 random listener shellcode.
f94822e2100cf2c24cf047058109a4037406aae6804b0953a955a601caf31743Joomla Gnosis component version 1.1.2 suffers from a remote SQL injection vulnerability.
347e17f2725bca0f0963579830efdb64f8557767b8aceecb55a5288cfd5cc1e3Joomla My MSG component version 3.2.1 suffers from a remote SQL injection vulnerability.
711d20ebe93ccb6c5c96ee724a3489955a4fef991c536b597a6a1e62e7a0e072Joomla K2 component version 2.1 suffers from a remote SQL injection vulnerability.
68833db8ae2555c79e98e2cc016f775ca6f096c74e913fe80ea4f830cf8d569dJoomla Spinner 360 component version 1.3.0 suffers from a remote SQL injection vulnerability.
b7cb6b21e85596664eb449f71574b6300a03518a2fccda3f24e454e34aa24d4bJoomla Appointments for JomSocial component version 3.8.1 suffers from a remote SQL injection vulnerability.
c239543451010d937e5d51a99d49517a9271a5b6ef763976200612ed6225c59fJoomla JomSocial component suffers from a remote SQL injection vulnerability.
b1c01319d3a8338631ce25581d1de43bd4deb4b0d8222a6f54a0c4f3b03b2841
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed