Ubuntu Security Notice 3208-2 - USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.
1d3dac77e17589a335d73b1696ce93581c43caf1d8c627cd121b232338ea070c
Ubuntu Security Notice 3207-2 - USN-3207-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.
da2d54a183091695057210caf21913be9b3b7213195d0df2dcfb4bcd1c217b32
Ubuntu Security Notice 3207-1 - It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get function in the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.
8c63b74c2660cad561d31b5daa2b648f239ed45fba675efdbab4f5568685b605
Ubuntu Security Notice 3206-1 - It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get function in the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.
c2b81ff2da57e7cc88a256cf883b5dac0b8c916a800f4bd5c43b16498f58613c
HPE Security Bulletin HPESBHF03709 1 - Potential security vulnerabilities with OpenSSL have been addressed for HPE Network products including Comware 5, Comware 7, IMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. Revision 1 of this advisory.
414ea6f3c5b3e7999c29f72f9d98f7564c65daca2564e45323cbaa2b1fe411c3
Teradici Management Console version 2.2.0 suffers from privilege escalation and remote shell upload vulnerabilities.
6bf7b459a6a46c6222547edf5ffc0a9e578ffbaf805f0d0ae35d7ddf0e03c525
Joomla Store for K2 component version 3.8.2 suffers from a remote SQL injection vulnerability.
0ebd473321d82286f04ec08d239a89957e7fcb61616fcf16232ba3c972fb4797
Joomla MultiTier component version 3.1 suffers from a remote SQL injection vulnerability.
8de5f5c7e20171d897b57eaf9d15743057715a429c8292c060ee3292bb2a4a3d
Joomla UserExtranet component version 1.3.1 suffers from a remote SQL injection vulnerability.
aafe883611e9d42b48cd2269c217e4f600e6c4bd488441ba8a743887ae65c08d
This tool compares a target's patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
480c266def8a9a078b22185e4cb7c7f511128a75eee5c956d914e734bc254941
Joomla MediaLibrary Basic component version 3.5 suffers from a remote SQL injection vulnerability.
9b69ec3e4752bb0f21b383c1a694eb6bfe8932bfe8667b995bf7aa10959ab7b6
Joomla Magic Deals Web component version 1.2.0 suffers from a remote SQL injection vulnerability.
64e1c8458215e867a9991eea2dd205eed7c5734f1954e7a45b5dbb20d57bc0f8
Shutter version 0.93.1 suffers from a code execution vulnerability.
e3d568c9eb4e4e0e09acacfb2606ced6700290ae300de48aff549213f20b4370
Joomla RealEstateManager component version 3.9 suffers from a remote SQL injection vulnerability.
c4934dede8c39bcd7bbf3e83a2f99a0a6ecbd8e789248e0107eff26cc8b29274
Joomla VehicleManager component version 3.9 suffers from a remote SQL injection vulnerability.
cd32d802dbb3add563f3a3ecce97a267df7cc7df415cdf586e4d846656a427db
DIGISOL DG-HR1400 wireless router suffers from a cross-site request forgery vulnerability.
99b0bcc098c8f9cc5cb9af3cf6d1ccd41f42458bafb1d68e6455336f95c1505d
Joomla Directorix Directory Manager component version 1.1.1 suffers from a remote SQL injection vulnerability.
fab2f05ae7c00b165265e21057327300ff2a67821d0f2aa461b65ad26fccb2ad
Joomla J-CruiseReservation Standard component version 3.0 suffers from a remote SQL injection vulnerability.
1e69bf370306f6ced290b30308c972f36084d7796974ff6ea313c1e5fc06a5d6
SySS GmbH found out that the radio communication protocol used by the ABUS Secvest wireless alarm system (FUAA50000) and its remote control (FUBE50013) is not protected against replay attacks. Therefore, an attacker can record the radio signal of a wireless remote control, for example using a software-defined radio, when the alarm system is disarmed by its owner, and play it back at a later time in order to disable the alarm system at will.
8a8d17e3da23eea63578ceb1aa4e218702f1cf2045f0bebd979c6137285f27e3
Joomla AppointmentBookingPro component version 4.0.1 suffers from a remote SQL injection vulnerability.
14d56e2c02dfaffa9e4dfcb2957e30b0f58a6b538d61be88ebcbf6c9f594ccf9
Joomla J-MultipleHotelReservation Standard component version 6.0.2 suffers from a remote SQL injection vulnerability.
d492b1c4311d271498e1fd4131259e62a57e2b85e45e8c3a97bbf74be54bc6c2
Joomla BookLibrary component version 3.6.1 suffers from a remote SQL injection vulnerability.
e203bb585ecc31b9bea7862404a5cfd993d1bc546c5ac5c46736c4590d873bd2
Album Lock version 4.0 suffers from a directory traversal vulnerability.
18c5ec4e4b75762ed5734f07628b3b64f91ed3cb6d4bc191aac12e6f9824bb61
Joomla Eventix Events Calendar component version 1.0 suffers from a remote SQL injection vulnerability.
40cba0d07fc796622e947e4970c3e4a79c5507e59f8026c46a277fd60063541b
Joomla J-BusinessDirectory component version 4.6.8 suffers from a remote SQL injection vulnerability.
4363cd77823171f14e01cc29d3b336b9ca9726ba05bfd8090e5dfc98722177cf