Red Hat Security Advisory 2018-1460-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a command injection vulnerability.
8cdb861ddf1dd60fa264f3acfd91e8e2ad34b20170f48d28eb709d6673efdadd
Red Hat Security Advisory 2018-1447-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
bafa2c4701c1956e519818e15b5819d0d12df2733c02541185a265d7a4fd8c69
Red Hat Security Advisory 2018-1451-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19. Issues addressed include code execution and traversal vulnerabilities.
071f79f013467ccb6e777f227def5d0666e250099e79aecdeacde603e7f87b14
Ubuntu Security Notice 3600-2 - USN-3600-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting attacks. Various other issues were also addressed.
7e33e2d4fb4b760a8aab3b3c5cbe3068c322a7deb50876c80a4cf13a345559a6
Red Hat Security Advisory 2018-1416-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out-of-bounds access vulnerability.
73648f0a66d48a2e5205e4fbecc1eabfbd430b755daa26ec09276f8005cc0988
Red Hat Security Advisory 2018-1396-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a resource exhaustion vulnerability.
1a37de7638de63ae4974186c8864d405fa655d2fb9b209f0f39bffdb250557aa
Red Hat Security Advisory 2018-1453-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a command injection vulnerability.
c169b1e7d1c710a5da437449b706ec96f2fe92f4e5b1455f026c4a006a706a8e
Red Hat Security Advisory 2018-1450-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
df4e2952c8fb6dd18bda14d8ee9ce25b96718185533685523d56a0e9fd70c167
Red Hat Security Advisory 2018-1414-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.8.0 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.
bb6688cf7280aeecf3fae2e1c76d270a031b4f3e9588798e660307154a3d5f02
Gentoo Linux Security Advisory 201805-5 - A vulnerability has been found in mpv that may allow a remote attacker to execute arbitrary code. Versions less than 0.27.2 are affected.
46484a5bc92b34c3b5b38b18e2399e1fec7c68dd874839bbca59610214d2b1d9
Signal Desktop suffers from an HTML injection vulnerability.
7342445a2a81bafeda692b4072a1691a6690f325366e6a19c447cb00b1ecd5e3
WordPress WP ULike plugin versions 2.8.1 and 3.1 suffer from an arbitrary data deletion vulnerability.
60d548f9ac31206f6dce81a9bd584718eec670910c5bc25fa7aeb146d86335c1
WordPress WP ULike plugin versions 2.8.1 and 3.1 suffer from a persistent cross-site scripting vulnerability.
80d7060c00ca4ddac7b6916ec8392a1db436aa0ccb9d5f13d711e383093b1282
Debian Linux Security Advisory 4200-1 - Fabian Vogt discovered that incorrect permission handling in the PAM module of the KDE Wallet could allow an unprivileged local user to gain ownership of arbitrary files.
6045db6012b82294feb46de519de1526bc84c5ec08debc7d034c4e61a57f07b5
2345 Security Guard version 3.7 suffers from a denial of service vulnerability related to 2345NsProtect.sys.
0ffa6c3fc3f2074dffa23024f09657ddf544857ed548d24caaadb74bf3e67d41
Monstra CMS version 3.0.4 suffers from a shell upload remote code execution vulnerability.
e317e4c185f5c6a9f9a57b3bbf13084ad7e1c42c0292bd95a43d6ba98ef8b3fd
Arris Touchstone Telephony Gateway suffers from denial of service, information disclosure, and various other vulnerabilities.
ac4b9b0b7826df6d40c484b593bc7e191eb636d7dc477b8c7b07e9e87e0643d3
96-byte Linux/x86 reverse TCP shell shellcode that connects to 127.0.0.1:4444.
6589b3ff87176cfaccd17d0fa9f870025d667632343d76f85fbbf4d66b85347c