MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
6d1531c70a901fcddf9cb989d488beaf78ac0cc16d11beb981b99200146c4848Debian Linux Security Advisory 4149-1 - Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.
1c7389b0224ab4e18e59ca810fffad595ec7e444382dcfd5c7ca050d6ff9fe23Debian Linux Security Advisory 4148-1 - Alfred Farrugia and Sandro Gauci discovered an off-by-one heap overflow in the Kamailio SIP server which could result in denial of service and potentially the execution of arbitrary code.
e87cddf537333c67b35c77df0b4654923385c58cacf82f01c14db41e505b9e61Ubuntu Security Notice 3605-1 - It was discovered that Sharutils incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code.
46da1fd9325cd2d43ed8dceeb1c58db4e6634c06ca6432748e4845c0ecab9a7cEasy CD DVD Copy version 1.3.24 suffers from a local buffer overflow vulnerability.
af4cd9dc175f4d6e44a034f2c38317b533f3f93eb325533d511ebc5936edc685Bomgar Remote Support Portal (RSP) suffers from a path traversal vulnerability.
198c0a663e903151778dba0bb70bdc8962d81bbecba75ce4118877f409e1811dThe ModSecurity for Nginx "non-release" version suffers from a use-after-free vulnerability.
d9207b29252240c7674a132fbfa13cc88942175716e3707ba61e89b39606af89The Kaseya Virtual System Administrator (VSA) agent "AgentMon.exe" suffers from a local privilege escalation vulnerability.
ae389b3de0f2ff85eb73501729ef4cc6e3a1d36853d5c2a3572be96e3b97a4e0Allok Quicktime to AVI MPEG DVD Converter version 4.6.1217 suffers from a stack-based buffer overflow vulnerability.
6d738f758b76780e760be1a5fe53c647f19ffdb922705b0359e252d722d281c8XenForo 2 suffers from a CSS loader denial of service vulnerability.
f08a899f612b499b3a9aa1796d8fbaa32aad423a4aeac9610cc59c1f5b5c6e17Ubuntu Security Notice 3604-1 - Richard Zhu discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause libvorbis to crash, resulting in a denial or service, or possibly execute arbitrary code.
0f9ff2cdeecb8cc4d2a898709c8507ddce8da29f88a7fa316e533695fbe0ec36Red Hat Security Advisory 2018-0577-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.4.9 serves as a replacement for Red Hat JBoss BPM Suite 6.4.8, and includes bug fixes and enhancements. Issues addressed include an unsafe deserialization.
3cb20342e0b9efd7127480a6a4332fc2b3ca035d5ff90a465ff02df3041ccdcfRed Hat Security Advisory 2018-0574-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a later upstream version: rh-mariadb101-mariadb. Issues addressed include a use-after-free vulnerability.
4811f7e8cd18589d5a9575a92358807bab59dcc849440d463cfcb0318d3f1686Debian Linux Security Advisory 4147-1 - Several vulnerabilities were discovered in PolarSSL, a lightweight crypto and SSL/TLS library, that allowed a remote attacker to either cause a denial-of-service by application crash, or execute arbitrary code.
7ead6a7dc4b5aab9da285061c8c3be7b94df65df2625647f2c613e33c550985dRed Hat Security Advisory 2018-0576-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.4.9 serves as a replacement for Red Hat JBoss BRMS 6.4.8, and includes bug fixes and enhancements. Issues addressed include unsafe deserialization.
d0ae946550440d0cb883f3cc2701bc608727fa2cdff7235ecc2c15e1174c6c33Gentoo Linux Security Advisory 201803-11 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Versions less than 2.18.6 are affected.
c800086307ca024083c0bd198492eea46073a6cbde7cbd073fc3a978498b74d1Gentoo Linux Security Advisory 201803-10 - Gentoo's collectd package contains multiple vulnerabilities, the worst of which may allow local attackers to escalate privileges. Versions less than 5.7.2-r1 are affected.
797bd515d0c2188d1291507f9a2f9de416871069b66a625d363c320b66f7edc3Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error when processing hdmx table and can be exploited to cause an out-of-bounds read memory access.
2a94f7f054339d0976d53276ff87ada9d27f79dcb60ae3b25de95d30dae509bfDebian Linux Security Advisory 4146-1 - Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.
b72926f8207adf31d74502fe82f90c30cfcde6566e0af737b43a77cbb4d3ca3fDell EMC Isilon OneFS suffers from incorrect authorization, cross site request forgery, and path traversal vulnerabilities.
d370d6ca7380127f4ee9a10cf1e94c01b4a479767738e0f423d758f610c85187Bitbucket suffers from a remote code execution vulnerability in the in-browser editing functionality.
7b0fe5f6f5e4f846a3dbbe67b5ceefa3dddff92a66c6ab499629c8fa85fe953fLinux Kernel versions prior to 4.15.4 show_floppy KASLR address leak proof of concept exploit.
0141dd0e32ba53533c58e61ecfdc7ade09f92a66df172ac9572a7c4be4fa3a4dSecunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error within the t2embed.dll module when handling font glyphs and can be exploited to cause an out-of-bounds read memory access.
0b68577b47235ad1c056c8041f6bba0b8dde116c586be554597f34d36dc08fa6Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error within the "MTX_IS_MTX_Data()" function (t2embed.dll) and can be exploited to cause an out-of-bounds read memory access.
2327aa0a2086a47bafe6a4dd4c56ff434f4ad7532bf68b3c9f82ef90955d8b00Cisco node-jos versions prior to 0.11.0 re-sign tokens proof of concept exploit.
f7e488909b769cf6fe758f382777f08b2e3b059dea0c5b6c8ed8e7fb3e555bec
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed