Nexus 9 running Android version 7.1.1 build N4F26Q and below allows unauthorized access to the FIQ debugger via its headphones jack, which allows for information theft, weakening of ASLR, leaking of stack canaries, and more.
d9c74cae1b9537b3016fd597e2a6df39187b9c1c8e8133af3e28c32dcef00b7eUbuntu Security Notice 3230-1 - It was discovered that Pillow incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. Cris Neckar discovered that Pillow incorrectly handled certain malformed images. A remote attacker could use this issue to cause Pillow to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
4567359cee610c1b04db446afb56c869241835ed35475927c8df05f4fa248e88Ubuntu Security Notice 3229-1 - It was discovered that the Python Imaging Library incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause the Python Imaging Library to crash, resulting in a denial of service. Cris Neckar discovered that the Python Imaging Library incorrectly handled certain malformed images. A remote attacker could use this issue to cause the Python Imaging Library to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
566781995fa869e79dd291a7fae8254b49124816bd9cda1d033a34a25f9cea04Ubuntu Security Notice 3228-1 - Guido Vranken discovered that libevent incorrectly handled memory when processing certain data. A remote attacker could possibly use this issue with an application that uses libevent to cause a denial of service, or possibly execute arbitrary code.
386971fbf66a883ec79bf7a421b0fe0ebe1c725661d1c3a697d7254f90775ab1Ubuntu Security Notice 3227-1 - It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
6c4f28c6df9553b4c737b8e41f4ace509dad9353d16efcc3966e4c00b414e8c0Ubuntu Security Notice 3226-1 - Jerzy Kramarz discovered that icoutils incorrectly handled memory when processing certain files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause icoutils to crash, resulting in a denial of service, or possibly execute arbitrary code.
5d8f243dda8eeff262a9f453247a19a85687fd90f5858df517932e3b8cc6ac25There is a security issue in VirtualBox in the shared folder implementation that permits cooperating guests with write access to the same shared folder to gain access to the whole filesystem of the host, at least on Linux hosts.
c9f9eb8f4f8c3c50564214f6ac29d40c1b3dcef3b36d17d859679d3dfbc1e023Cerberus FTP Server version 8.0.10.1 suffers from a denial of service vulnerability.
9c7ca7860f3b891f186dc4c0f21ba4c571a143454f849a5b61bc80961d8d46ecJoomla ALFContact component version 3.2.3 suffers from a remote SQL injection vulnerability.
2de83a11c1919fe15411eba3dbfba8be15072b09df5b908133a06641346e7147Whitepaper discussing local file disclosure attacks via remote SQL injection.
940d4b6633aae1d9c2af7031f2faf416054ec79ee99ea8bae458b1ec6d9ba112rldns is an open source lightweight DNS server for linux, netbsd, freebsd, and openbsd. Runs on x86 and x86_64 architectures.
c71120177f5b183bcef952217dff5bd599a68f725f3425068bd2537d987c5c04Car Workshop System suffers from a remote SQL injection vulnerability.
5dba205b31cc50082a8779bfa1dbba9da5c1fd532023bcd7798557a3a6ca03cc
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed