MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. It includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
6d1531c70a901fcddf9cb989d488beaf78ac0cc16d11beb981b99200146c4848
Debian Linux Security Advisory 4149-1 - Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.
1c7389b0224ab4e18e59ca810fffad595ec7e444382dcfd5c7ca050d6ff9fe23
Debian Linux Security Advisory 4148-1 - Alfred Farrugia and Sandro Gauci discovered an off-by-one heap overflow in the Kamailio SIP server which could result in denial of service and potentially the execution of arbitrary code.
e87cddf537333c67b35c77df0b4654923385c58cacf82f01c14db41e505b9e61
Ubuntu Security Notice 3605-1 - It was discovered that Sharutils incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code.
46da1fd9325cd2d43ed8dceeb1c58db4e6634c06ca6432748e4845c0ecab9a7c
Easy CD DVD Copy version 1.3.24 suffers from a local buffer overflow vulnerability.
af4cd9dc175f4d6e44a034f2c38317b533f3f93eb325533d511ebc5936edc685
Bomgar Remote Support Portal (RSP) suffers from a path traversal vulnerability.
198c0a663e903151778dba0bb70bdc8962d81bbecba75ce4118877f409e1811d
The ModSecurity for Nginx "non-release" version suffers from a use-after-free vulnerability.
d9207b29252240c7674a132fbfa13cc88942175716e3707ba61e89b39606af89
The Kaseya Virtual System Administrator (VSA) agent "AgentMon.exe" suffers from a local privilege escalation vulnerability.
ae389b3de0f2ff85eb73501729ef4cc6e3a1d36853d5c2a3572be96e3b97a4e0
Allok Quicktime to AVI MPEG DVD Converter version 4.6.1217 suffers from a stack-based buffer overflow vulnerability.
6d738f758b76780e760be1a5fe53c647f19ffdb922705b0359e252d722d281c8
XenForo 2 suffers from a CSS loader denial of service vulnerability.
f08a899f612b499b3a9aa1796d8fbaa32aad423a4aeac9610cc59c1f5b5c6e17
Ubuntu Security Notice 3604-1 - Richard Zhu discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause libvorbis to crash, resulting in a denial of service, or possibly execute arbitrary code.
0f9ff2cdeecb8cc4d2a898709c8507ddce8da29f88a7fa316e533695fbe0ec36
Red Hat Security Advisory 2018-0577-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.4.9 serves as a replacement for Red Hat JBoss BPM Suite 6.4.8, and includes bug fixes and enhancements. Issues addressed include an unsafe deserialization.
3cb20342e0b9efd7127480a6a4332fc2b3ca035d5ff90a465ff02df3041ccdcf
Red Hat Security Advisory 2018-0574-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a later upstream version: rh-mariadb101-mariadb. Issues addressed include a use-after-free vulnerability.
4811f7e8cd18589d5a9575a92358807bab59dcc849440d463cfcb0318d3f1686
Debian Linux Security Advisory 4147-1 - Several vulnerabilities were discovered in PolarSSL, a lightweight crypto and SSL/TLS library, that allowed a remote attacker to either cause a denial-of-service by application crash, or execute arbitrary code.
7ead6a7dc4b5aab9da285061c8c3be7b94df65df2625647f2c613e33c550985d
Red Hat Security Advisory 2018-0576-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.4.9 serves as a replacement for Red Hat JBoss BRMS 6.4.8, and includes bug fixes and enhancements. Issues addressed include unsafe deserialization.
d0ae946550440d0cb883f3cc2701bc608727fa2cdff7235ecc2c15e1174c6c33
Gentoo Linux Security Advisory 201803-11 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Versions less than 2.18.6 are affected.
c800086307ca024083c0bd198492eea46073a6cbde7cbd073fc3a978498b74d1
Gentoo Linux Security Advisory 201803-10 - Gentoo's collectd package contains multiple vulnerabilities, the worst of which may allow local attackers to escalate privileges. Versions less than 5.7.2-r1 are affected.
797bd515d0c2188d1291507f9a2f9de416871069b66a625d363c320b66f7edc3
Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error when processing the hdmx table and can be exploited to cause an out-of-bounds read memory access.
2a94f7f054339d0976d53276ff87ada9d27f79dcb60ae3b25de95d30dae509bf
Debian Linux Security Advisory 4146-1 - Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.
b72926f8207adf31d74502fe82f90c30cfcde6566e0af737b43a77cbb4d3ca3f
Dell EMC Isilon OneFS suffers from incorrect authorization, cross site request forgery, and path traversal vulnerabilities.
d370d6ca7380127f4ee9a10cf1e94c01b4a479767738e0f423d758f610c85187
Bitbucket suffers from a remote code execution vulnerability in the in-browser editing functionality.
7b0fe5f6f5e4f846a3dbbe67b5ceefa3dddff92a66c6ab499629c8fa85fe953f
Linux Kernel versions prior to 4.15.4 show_floppy KASLR address leak proof of concept exploit.
0141dd0e32ba53533c58e61ecfdc7ade09f92a66df172ac9572a7c4be4fa3a4d
Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error within the t2embed.dll module when handling font glyphs and can be exploited to cause an out-of-bounds read memory access.
0b68577b47235ad1c056c8041f6bba0b8dde116c586be554597f34d36dc08fa6
Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error within the "MTX_IS_MTX_Data()" function (t2embed.dll) and can be exploited to cause an out-of-bounds read memory access.
2327aa0a2086a47bafe6a4dd4c56ff434f4ad7532bf68b3c9f82ef90955d8b00
Cisco node-jose versions prior to 0.11.0 re-sign tokens proof of concept exploit.
f7e488909b769cf6fe758f382777f08b2e3b059dea0c5b6c8ed8e7fb3e555bec