Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
80daea433fa654f2602cf67b19b9121ff6ad57761bad73cc29020c4f490c5f1f
Ignite Realtime Openfire version 3.7.1 suffers from a cross site scripting vulnerability.
c10f3c6ace6529c0ad221c414802d91b8aafa5e9cc0a5c883951f87d29b5c532
CGMiner versions 4.10.0 and below and BFGMiner versions 5.5.0 and below suffer from buffer overflow and path traversal vulnerabilities.
fa4fcd5a2e44edf0c29b6ad66381cdaee61adb9f18ca7cb776665f37c4daf012
The macOS and iOS kernels suffer from a heap overflow due to a lack of lower size check in getvolattrlist.
f1c3b9023d02313f1fc1abb64c64d84e4ea581179d6b4d5a3425103544649ed7
Ubuntu Security Notice 3670-1 - Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, elfutils could be made to crash or consume resources, resulting in a denial of service.
cba8a2e28c73b05551966e6f681349ffd0bf42b5553713c3cf8a26cae4032542
The XNU kernel suffers from a heap overflow vulnerability due to bad bounds checking in MPTCP.
ab1dba51b69b26269ebf87264489c261941c2b7f55161734beeceefe097f984c
Jenkins Mailer plugin versions prior to 1.20 suffer from a cross site request forgery vulnerability.
8965ea91c46e6a72747d01cc2b374557bf8f2de7465a2a523e4f6efbc46fb6f1
The macOS kernel suffers from a use-after-free vulnerability due to a lack of locking in the nvidia GeForce driver.
d0dcd6d0f0048420298561799aa73fc74597cbca38483aca36320551f2eeae4a
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
3725c738a09fea389fabaa7eb29da7d502f1c4ac44e99b11eeacaad53d765aa1
10-Strike Network Scanner version 3.0 suffers from a local buffer overflow vulnerability.
4c5f0b666b1e0a95dc09e2022cf1d874e70a80d21966c376517976bc0e7d8700
Sint Wind PI version 01.26.19 suffers from an authentication bypass vulnerability.
75a058c1e4408185eadda4db58ff7149ce94ba38afe34a983300dd97bb2d9801
Clone 2 GO Video Converter version 2.8.2 unicode buffer overflow remote code execution vulnerability.
487a673b2e8db8fb4aaa17e7d695d49b0d7652fd214fb9ac2e5f91973f48183d
Pagekit versions prior to 1.0.13 suffer from a cross site scripting vulnerability.
2b8404ce71950c6f51a9c3a533696cae704a6b32c473193a05a3fd033cf9f6bb
MyBB Recent Threads plugin version 1.0 suffer from a cross site scripting vulnerability.
2159b3f17df67c386fab05ff778ade669befbf9efe75501956f91227028c510e
Linux Kernel versions prior to 4.16.11 suffer from an ext4_read_inline_data() memory corruption vulnerability.
f43855fa683dd79a2c3bc32dce30916f143b2462f4ccd05cc760ef2a59b47e87
10-Strike Network Inventory Explorer Standard version 8.54 suffers from a local buffer overflow vulnerability in the Enter Registration Key field.
c4b79a122512401dd630e882d0940ed9966ed72d66fdeeeb21bff38c89ef419c
dpa-fwl.microsoft.com suffers from an open redirection vulnerability.
cc2183a3ffe07e0d54ebb0988e05ca695cfc3e42a13d8d057010463352561e9c
10-Strike Network Inventory Explorer Standard version 8.54 suffers from a local buffer overflow vulnerability.
7f3172b7061baf4d6fab00b5b8ce4f4c54070897bdf1312522a27b8caae4de6e
Ubuntu Security Notice 3669-1 - It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
d7542c5dbf17a2f4b8cb7e4c903ca06cb2d8ae3d5b81fe823aa4394602a4793d
EMS Master Calendar versions prior to 8.0.0.20180520 suffer from a cross site scripting vulnerability.
9de08681497ed3fd4b4c62645f41c52394683d9f31f32cb1e74f1ed97cdf21fd
Ubuntu Security Notice 3664-2 - USN-3664-1 fixed a vulnerability in Apport. Sander Bos reported that Ubuntu 14.04 LTS was also vulnerable to this issue, but was incorrectly omitted from the previous updates. This update provides the corresponding update for Ubuntu 14.04 LTS. Sander Bos discovered that Apport incorrectly handled core dumps when certain files are missing from /proc. A local attacker could possibly use this issue to cause a denial of service, gain root privileges, or escape from containers. Various other issues were also addressed.
82738ed5a01bd47de75aafd897c85fc8bcf1629b34e058f286faf7fd5e618bc9