what you don't know can hurt you
Showing 51 - 75 of 377 RSS Feed

Files Date: 2018-07-01 to 2018-07-31

Red Hat Security Advisory 2018-2258-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2258-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | b102292b262e1622520ec544e79575de
Red Hat Security Advisory 2018-2261-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2261-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10861, CVE-2018-1128, CVE-2018-1129
MD5 | 930ec1129712afd8c5cf434fef5cdb58
Red Hat Security Advisory 2018-2267-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2267-01 - The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Issues addressed include a heap overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-1124, CVE-2018-1126
MD5 | 213a113082982c977612753e2d69b44b
Red Hat Security Advisory 2018-2268-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2268-01 - The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Issues addressed include a heap overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-1124, CVE-2018-1126
MD5 | 5b8ee46d2ae059c9e8a9b28bdd6b679a
Red Hat Security Advisory 2018-2274-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2274-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10861, CVE-2018-1128, CVE-2018-1129
MD5 | 7d431761f6a891f8ee4b8c14b8aa3cc6
Red Hat Security Advisory 2018-2276-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2276-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This asynchronous patch is a security update for wildfly-core and apache-cxf packages in Red Hat JBoss Enterprise Application Platform 7.1 Issues addressed include a traversal vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-10862, CVE-2018-8039
MD5 | 3d011e4a8c8678999e32ecbfe9137a59
Red Hat Security Advisory 2018-2277-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2277-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This asynchronous patch is a security update for apache-cxf package in Red Hat JBoss Enterprise Application Platform 7.1 Issues addressed include a traversal vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-10862, CVE-2018-8039
MD5 | 151c018f8ec415c63608910036d3f84a
Red Hat Security Advisory 2018-2279-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2279-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This asynchronous patch is a security update for wildfly-core and apache-cxf packages in Red Hat Single Sign-On 7.2. Issues addressed include a traversal vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-10862, CVE-2018-8039
MD5 | c3d63485b88e30d23ace68663b9b57fc
Tracto ERC20 Integer Overflow
Posted Jul 26, 2018
Authored by Zhihua Yao

Tracto ERC20 suffers from an integer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2018-14063
MD5 | b2ec04f47b4a1fab92c7f1babe0c729c
Ubuntu Security Notice USN-3722-3
Posted Jul 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-3 - USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | 7272d25ace6b15017b495dcdc09f7b09
Ubuntu Security Notice USN-3722-4
Posted Jul 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-4 - USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | c328bb4a32f040f5fe742f79aebb2bf8
Ubuntu Security Notice USN-3724-1
Posted Jul 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3724-1 - Jon Kristensen discovered that Evolution Data Server would automatically downgrade a connection to an IMAP server if the IMAP server did not support SSL. This would result in the user's password being unexpectedly sent in clear text, even though the user had requested to use SSL.

tags | advisory, imap
systems | linux, ubuntu
advisories | CVE-2016-10727
MD5 | 551e1ebffb2ad3161b3dfeaccefce080
Debian Security Advisory 4255-1
Posted Jul 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4255-1 - Danny Grander reported that the unzip and untar tasks in ant, a Java based build tool like make, allow the extraction of files outside a target directory. An attacker can take advantage of this flaw by submitting a specially crafted Zip or Tar archive to an ant build to overwrite any file writable by the user running ant.

tags | advisory, java
systems | linux, debian
advisories | CVE-2018-10886
MD5 | 64f1c6d350ab11afe9ff34bd9841624d
Debian Security Advisory 4254-1
Posted Jul 25, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4254-1 - Several vulnerabilities were discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-10995, CVE-2018-7033
MD5 | 67a1e6483445422db16fb19c3e007d73
Ubuntu Security Notice USN-3722-1
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-1 - It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | 4beac8f3df61ae10d6defa8a0f414696
Ubuntu Security Notice USN-3721-1
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3721-1 - Danny Grander discovered that Apache Ant incorrectly handled certain compressed files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to overwrite arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10886
MD5 | f25a54a8ba88bf7f8a99db826cdbf15c
Ubuntu Security Notice USN-3723-1
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3723-1 - It was discovered that Tomcat incorrectly handled decoding certain UTF-8 strings. A remote attacker could possibly use this issue to cause Tomcat to crash, resulting in a denial of service. It was discovered that the Tomcat WebSocket client incorrectly performed hostname verification. A remote attacker could possibly use this issue to intercept sensitive information.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-1336, CVE-2018-8034
MD5 | 2b2b54fad46680e7c1f4ff2862e94921
Ubuntu Security Notice USN-3722-2
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-2 - USN-3722-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | cfa43d66e2ea6fbfe09c503cbfa033d2
Red Hat Security Advisory 2018-2256-01
Posted Jul 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2256-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 181. Issues addressed include an insufficient validation vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-2940, CVE-2018-2941, CVE-2018-2952, CVE-2018-2964, CVE-2018-2973
MD5 | 06a0bed00a98306521531d60c61eb777
10-Strike LANState 8.8 Local Buffer Overflow
Posted Jul 25, 2018
Authored by absolomb

10-Strike LANState version 8.8 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 8747230e2f15c78943b57e8285b20226
Red Hat Security Advisory 2018-2250-01
Posted Jul 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2250-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | 46608b5095f87799c5e442ceea221b39
Inteno's IOPSYS Local Privilege Escalation
Posted Jul 25, 2018
Authored by neonsea

Inteno's IOPSYS suffers from an authenticated local privilege escalation vulnerability.

tags | exploit, local
MD5 | a7cc5998b50392cd2e39daa15831a611
Red Hat Security Advisory 2018-2254-01
Posted Jul 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2254-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 191. Issues addressed include an insufficient validation vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-2940, CVE-2018-2941, CVE-2018-2952, CVE-2018-2973
MD5 | 5c2de1ed672334a8531a0bbaf77da9a1
10-Strike Bandwidth Monitor 3.7 Local Buffer Overflow
Posted Jul 25, 2018
Authored by absolomb

10-Strike Bandwidth Monitor version 3.7 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 89efb8812aa4328999e04995c96aa261
Red Hat Security Advisory 2018-2253-01
Posted Jul 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2253-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 181. Issues addressed include an insufficient validation vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-2940, CVE-2018-2941, CVE-2018-2952, CVE-2018-2964, CVE-2018-2973
MD5 | cf29c263de56589a7d84a1fc6b0fb9d7
Page 3 of 16
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    15 Files
  • 27
    Feb 27th
    15 Files
  • 28
    Feb 28th
    4 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close