SUSE/Portus version 2.2 suffers from a persistent cross site scripting vulnerability.
0f89be3598b185b26e1d2346f6a7fe4fee3bd2aa160be8583d7a7b5cb67d1258DlxSpot Player4 LED video wall has a hardcoded password that allows you to ssh in and escalate to root.
ad7221803cc82d07c5c7cb36a0c7fa5ab1c1470b7d79822c80ae2cf2222c91efDlxSpot Player4 LED video wall suffers from a remote shell upload vulnerability. Versions greater than 1.5.10 are affected.
cd16ccf2cb79eec67b0acdb89179c16a34bf3dd46fa56e1744900720137d99d1DlxSpot Player4 LED video wall suffers from a remote SQL injection vulnerability that allows for authentication bypass. Versions greater than 1.5.10 are affected.
fdaa1e5ebec65e962e6328d916742401f61f014c18d915bc5c8aa40a4a021264There is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is possible that a part of the document is going to be rendered before the server has finished sending the document. It is also possible that some JavaScript code is going to trigger. By making DOM modifications before the document had a chance of fully loading, followed by another set of DOM modifications after the page has been loaded, it is possible to trigger memory corruption that could possibly lead to an exploitable condition.
5907d1f5e11d78ce0680fb433a3f355dee6f8223e8d01f9b8f025438c5f23e93The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtQueryCompositionSurfaceBinding.
97dfe662c3e212f195077df81c9f450105d5f5bb498fe0cb34f4f678d2acedeaThe Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiHLSurfGetInformation.
9771af75ba5776d56facb4df49d7fb859a4bfd6477530871ca30eecee7176653The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiDoBanding.
ce5174da745945af0536226dcc68a30316e457cf0c82745d0f967acc1000fce4There is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 (Microsoft EdgeHTML 14.14393) as well as Microsoft Edge 40.15063.0.0 (Microsoft EdgeHTML 15.15063).
50a17f878e4cb540b01d5045a6e10dff2e139109eb14511dd0fda4dc068c0013The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiEngCreatePalette.
19534c75943c3e0642c38c1564dd540a57e1e016170d58381a59ca2351582871The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetFontResourceInfoInternalW.
93d7bebfe66c56e0f2e14114d0667f06fd44fbedd76a6a86c9c8179152bfeb4eThe Microsoft Windows kernel win32k.sys TTF font processing suffers from an out-of-bounds read vulnerability with a malformed glyf table.
a7050910c77e420b0c7a955a70fb099fcb4a578af737567b9b07ba1c37388057The Microsoft Windows kernel win32k.sys TTF font procession functionality suffers from out-of-bounds read/write vulnerabilities.
288ffdbaba2e2fcb71c5fde2989befb9b43c48a7e7f6adb9ef3667963dbffee6The Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in nt!NtSetIoCompletion and nt!NtRemoveIoCompletion.
3630b21a4a12c4dba45a03bdcb41c540d368fe13592dfc7ada1b19900383ec7aThe Microsoft Windows kernel suffers from a memory disclosure in win32k!NtGdiGetPhysicalMonitorDescription.
6fd91d83df1fd2ff8ea38e6df707d3861af5a3c8767520a522c0175d961f22a7The Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in win32k!NtGdiGetGlyphOutline.
ec2b6c6d3ded9a4ffa1e0a602b06d411d8cbc260e93769ce539adb46150ee7f9RECON Brussels has announced it's call for papers. The conference will take place January 29th through February 4th, 2018 in Brussels, Belgium.
fae09377da85525c09370bf585b8d0a6c2e5c006a0cee1fae4b38ee49c03df59Watchguard's Firebox and XTM appliances suffer from an XML-RPC empty member denial of service vulnerability. Firmware versions below 12.0 were found to be vulnerable.
f35060e5dda494448736ef7b95004a77b73f2fca248240116812cd811357f138The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash). It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
f03b9428d67dc46ff3b712d7c827a00f746ceef20553d5b7b9236072384bb73eiBall ADSL2+ Home Router suffers from multiple authentication bypass vulnerabilities.
635f009d1e12b5496c298300d09fc7cad1a9cfc40696486a53a78e70d1171973UTStar WA3002G4 ADSL Broadband Modem suffers from multiple authentication bypass vulnerabilities.
08e31fe478f251ddfcd511deb891b99dadb6a1658d5c494bffb351ffd9adb0baZKTeco ZKTime Web version 2.0.1.12280 suffers from an information disclosure vulnerability.
811eb0b57b3cd49cee2189f5eb612a73cae9f96638a3df2820261c8a6a572841ZKTeco ZKTime Web version 2.0.1.12280 suffers from a cross site request forgery vulnerability.
43760e15c0b9deae51f97468c95fdc43e7806e482b1715bfce02ee8a952f4d6eThis Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
0fd670ee0f6c6f5dbfa40428bd339e9dffb1fade0801ed1ea13795174324240dRed Hat Security Advisory 2017-2760-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.
63f5ba90523673c11c99253e704d39c3afc183161c91cfb839cfbf9db858fc32
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed