Red Hat Security Advisory 2018-0349-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.
a5193bcd01498012225250e8c493b1011be7f27b55df40690e4a03b7aac1fecd
Red Hat Security Advisory 2018-0352-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
0747b311eba7722f568906e172a0f201037893e0f8ddd8b951ef3a339b7dd292
Asterisk running chan_pjsip suffers from an INVITE message denial of service vulnerability. Versions affected include Versions affected include 15.2.0, 15.1.0, 15.0.0, 13.19.0, 13.11.2, and 14.7.5.
f1253625e46f227de8752682b32d8862adf05b987de5b3ce80dd452d37d33ce3
Asterisk running chan_pjsip suffers from an SDP message related denial of service vulnerability. Versions affected include 13.10.0, 15.1.3, 15.1.4, 15.1.5, and 15.2.0.
dcd272d0bdc191e8821a8ff0875bcb1f860b59d55a4d240aea12f18340ff7f74
Ubuntu Security Notice 3584-1 - Gabriel Corona discovered that sensible-utils incorrectly validated strings when launcher a browser with the sensible-browser tool. A remote attacker could possibly use this issue with a specially crafted URL to conduct an argument injection attack and execute arbitrary code.
c5f78e5a05cab518c15e4395053c786bc2d75b96e73fc9c6895d5cd6283525fd
Red Hat Security Advisory 2018-0351-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
af327ee7be945314f6bdd71373f6b237240539412ecb3a9c8b991c77002eea53
Red Hat Security Advisory 2018-0350-01 - The gcab package contains a utility for managing the Cabinet archives. It can list, extract, and create Microsoft cabinet files. Security Fix: gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution.
8f5c047a0dadbbe6391693ce574c81f5df12b643260849f79b81ba79213ad986
Asterisk version 15.2.0 running chan_pjsip suffers from an SDP message related denial of service vulnerability.
bb991ba13071f908ba4e3a364bc5fd50ffb86a758000294812e5c584d0d94d00
Asterisk running chan_pjsip suffers from a SUBSCRIBE message stack corruption vulnerability. Vulnerable versions include 15.2.0, 13.19.0, 14.7.5, and 13.11.2.
7ce6eb5d2b74840cec684d30e389db8a84881dd35088091f86c3e601f3984460
Torrent file parsing in libtransmission suffers from overflow vulnerabilities.
54ad18d8336156df7524e96c3d9da8e72a4e6da0788daef159edd65d3ca2b6b4
Chrome V8 suffers from an integer overflow vulnerability with PropertyArray.
78544b73868b4a617f838b6eedac6007779756c897dfb03b1166522de63fa42c
Chrome V8 suffers from a TranslatedState::MaterializeCapturedObjectAt caching bug.
c58dbf70a613c66bda60e5bdc9cedbc4e6777ffa60ce1c11ea4b8bd448b8f253
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
d6f7b3191669a5642be277c9d85c1f4392168f0f907fb0ec525acce0b7bd2ee1
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
b3b2ec29fba0f4a3a590438abe4054e56f19108d440fc2d61492db9d8ff16fd7
CMS Made Simple version 2.1.6 suffers from a remote code execution vulnerability during install time.
5ee860225d19ea3519646adc2baa5fdf983dff08dc45cb7a9c96ed42a5740114
Microsoft Edge Chakra JIT fails to check the return type in CallRegExSymbolFunction.
67802618169608e3a9e35257ed4d818c3a6a18aa296e1e9e8d75ffa718a13eb3