NethServer version 7.3.1611 suffers from a cross site request forgery vulnerability that allows you to create a user and enable SSH access.
506bd73cba435320476f8c6c120eb81758a4c66abbe6f9abe6c835471d9a47f9NethServer version 7.3.1611 suffers from a cross site request forgery script insertion vulnerability in Upload.json.
2a0ace159ea005353227f89c3e7216fff084b687422b6176f3145b7decaf0f16Debian Linux Security Advisory 3956-1 - Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan, a network manager for embedded devices. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in same cases, remotely execute arbitrary commands in the host running the service.
1c6dc41641177aab4fc2b9b58a615a854bef0b0a67b8e258359e3e8ec855a6e4Debian Linux Security Advisory 3957-1 - Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. These issues could lead to Denial-of-Service and, in some situation, the execution of arbitrary code.
61083a45d9c0376a31be684fe8b36ad5076bd28860de87aa85fec64e5bb7effbpyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.
b3fe02a7507c7edb286076361e381395bd1bef413c6345c139976657bcad9e17Red Hat Security Advisory 2017-2538-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. Security Fix: A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory by sending specially crafted HTTP requests.
79ce5cdcbe0cbbc085c98d66b45bb72a7aa104db74a886fb9fc2df65ea217b15Ubuntu Security Notice 3403-1 - Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service. Kim Gwan Yeong discovered that Ghostscript could allow a heap-based buffer over-read and application crash. A remote attacker could use a crafted document to cause a denial of service. Various other issues were also addressed.
6dd983d679492b9318efe888eca4eb9bab8194da18e90f8b337f86dad6d87e3dHPE Security Bulletin HPESBHF03770 1 - A potential security vulnerability has been identified in Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat. The vulnerability known as "httpoxy" could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.
2af8ae566d18e3cd782b2353bc2bd160ea874bc5b28f246c238fe9f009bc5455Ubuntu Security Notice 3199-3 - USN-3199-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. A It was discovered that the ALGnew function in block_templace.c in the A Python Cryptography Toolkit contained a heap-based buffer overflow A vulnerability. A remote attacker could use this flaw to execute A arbitrary code by using a crafted initialization vector parameter. Various other issues were also addressed.
1428af321c89f55dc7b12672634207a5aca4471a323e200ab47ff1cf2abb4b37Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
2ca96b106cbf6af495fe558e5111838c74cab0492e9b5d376f567b430e57052fMISP (Malware Information Sharing Platform and Threat Sharing) versions 2.4.79 and below suffer from a cross site scripting vulnerability.
d5d95664a334a528dd6612f67991bd576886442c2f66af94f4b6396b958b356cUbuntu Security Notice 3406-1 - It was discovered that an out of bounds read vulnerability existed in the associative array implementation in the Linux kernel. A local attacker could use this to cause a denial of service or expose sensitive information. It was discovered that a NULL pointer dereference existed in the Direct Rendering Manager driver for VMWare devices in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
713a8ec2966db4dfb7a60eb6aba6c8abc38cb940925a7a8602735cf1998e3b56Ubuntu Security Notice 3405-2 - USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
9fb7e5e4b1090eb89ab9343b4aac56e8f9b44171aade9cf1e7eb6e419ed30450Ubuntu Security Notice 3405-1 - It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Huang Weller discovered that the ext4 filesystem implementation in the Linux kernel mishandled a needs-flushing-before-commit list. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
e985c878ac1f840112d8ae173a55521c302cdeedb1d58e78149cb339271b8e3aUbuntu Security Notice 3404-2 - USN-3404-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems.
2d34da306d516c16c1e2ce1d0a0fe419b9503fabe728dc169521bcf6b9b61947OpenSSL Security Advisory 20170828 - If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format.
bfe693c207e12bf41b62de943a276fa92f260530bb94dfc8fc7787631bc42165Ubuntu Security Notice 3404-1 - A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems.
fa33301449a180f6590fe7f0733eaeb35c623426b0539632995cb7b32c393c21Matrimony version 2.7 suffers from a cross site request forgery vulnerability.
816a06c7d7595ef71786ff4e62fb3f1dc153c5931fd480a80b7b0ff526b4b08fWhitepaper called Offensive and Defensive PowerShell. Written in Turkish.
2890c304c4261dd5eed0bdb50c6c7a26c5b83382a7c23c2b1b6541e599fd298fEasy RM RMVB to DVD Burner version 18.11 buffer overflow exploit.
0e6caeaabff62e5b13661c152cc35327130cb5693f71488479e4f3a2ad4a8b9ePosty version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6aac32b2b95d9b88395dda6d01793a7227412fd7fa133fa0f854618d81b1a38eEasy WMV/ASF/ASX to DVD Burner version 2.3.11 buffer overflow exploit.
e32cd0f9d448918e1a94e76e77bfb0ff63cbbf3418eb1d6d9c56182c8950bec5VX Search Enterprise version 10.0.14 remote buffer overflow exploit.
13eec855947676a3ba5f8e915538709a850cca19ce222df2d53ae8307fc7f669
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed