Red Hat Security Advisory 2020-0470-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP5. Issues addressed include a deserialization vulnerability.
6216e8d4e1da4d2f6f992918c2fa47b00a0bea765abdfaa4164bac0dbaa1b5c6Technical Cyber Security Alert 2012-227A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
f958461db70406ee608b92e86c5778602a68ddda74e3f148b3396ee851c6cd7cDebian Linux Security Advisory 2529-1 - Jeroen Dekkers and others reported several vulnerabilities in Django, a Python Web framework.
e72295d670e7e8b3f6c6c48e0ae95f800f20359a421a53e4c43f767c101a0216This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths: C:\program.exe, and C:\program files\hello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some softwares such as OpenVPN 2.1.1, or OpenSSH Server 5, etc... all have the same problem.
13ee2928c651d3a5639e180e5f2cafa4d077977aeeeb2da9a34de919ec969a8eThis Metasploit module exploits a stack-based buffer overflow vulnerability in version 2.1 of CuteZIP. In order for the command to be executed, an attacker must convince the target user to open a specially crafted zip file with CuteZIP. By doing so, an attacker can execute arbitrary code as the target user.
0eb1f8858ec5246ac33385d821777542b928e2d0bb98e4789b086a62b732d909Secunia Security Advisory - HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
64a709b58b6ee61639d0b91751fa1370fb95af75e8e2c731bae64a2534aa2be5Secunia Security Advisory - SUSE has issued an update for puppet. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose and manipulate certain data and by malicious people to bypass certain security restrictions.
67eb18b247b9985f3e30a412732259d389c1696d5a01aaf91c9d01c7794d8f4aSecunia Security Advisory - A vulnerability has been reported in Cisco NX-OS, which can be exploited by malicious people to cause a DoS (Denial of Service).
5c5a1b4f1ce0aa8b64f4536e08eadfb68c330f841e9c01c46cd3c741294e6ff0Secunia Security Advisory - A weakness has been reported in Python Beaker Library, which can be exploited by malicious people to disclose certain sensitive information.
8942656c4b72e5afdc7ca995f066565983408fbb924a1a1b930c18cad48472dcSecunia Security Advisory - A vulnerability has been reported in IBM WebSphere Business Events, which can be exploited by malicious people to cause a DoS (Denial of Service).
0f934c653687b3c3190527b0ba1147ee5399fae84ad92cc3c33f3716f18c8c14Secunia Security Advisory - A security issue and two vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
1332e189e300896ea0baa75068815455d40efa840a3b321cdafb6a9560538739Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
4b0428dc306c48a1dce3d0d242c022d32ecb1999aeef39be84f18c9203785e16Secunia Security Advisory - Ubuntu has issued an update for libreoffice. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
9e1a0dd01efd47003de801f3478e4ada7ea28703bbf95422503c9a3529cb8cf0Secunia Security Advisory - A security issue and multiple vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to conduct script insertion attacks and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
aff8264428b3986a367441d9fd2f8ce83c2febe254e06c37569cbebe867042aaSecunia Security Advisory - Jason A. Donenfeld has discovered a vulnerability in Viscosity, which can be exploited by malicious, local users to gain escalated privileges.
fd0542d8812a18d1176df5a88ecd1854b54de9f65af5d2cf9ebed197c3a23a21Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
63491bc1a361b46394d0e770340bc1d62e358ab46fcf9ac1195de71f4c9f6e0eSecunia Security Advisory - A vulnerability has been reported in Microsoft Visio, which can be exploited by malicious people to compromise a user's system.
e3a48073c43b9d05e8941c081e1360c3645f1cd4a2004b7b13549f120466ee5eSecunia Security Advisory - Gentoo has issued an update for Config-IniFiles. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
77061bf3093a15974b490bb18c3b07e688c6d614bfd765e1c43e7c7e315949e0Secunia Security Advisory - Gentoo has issued an update for puppet. This fixes multiple security issues and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges and by malicious users to cause a DoS (Denial of Service).
48af87b838969640105919aea0b6d92d2e5eddc671c83aedfd01752566e345f2Secunia Security Advisory - Debian has issued an update for python-django. This fixes two security issues and a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
fb3927d6bec81d24005c29a06dbc212f764f4d161f9c53d4a1dd8b08da17db26Secunia Security Advisory - Gentoo has issued an update for libgdata. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
d1ed51cac68ce4bfcd0670ca4f7d33fa31a5c9a1fe3f493c7b922d0ec4c88b70Secunia Security Advisory - Gentoo has issued an update for socat. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
abe1ddb41fee41410a12536c8c6588982c55f250ba71a7cc24991a93590aec31Secunia Security Advisory - Gentoo has issued an update for gajim. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to conduct SQL injection attacks and compromise a user's system.
d951308295626921cc2e2a8d184c87ec324a606aed36fd61f54453cfe9f84598Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to disclose system information.
ec1fa84642b28261b751df1866f0e7c1ed612fdc551a003c186ba18e8601c764Secunia Security Advisory - Gentoo has issued an update for chromium. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.
55051d216d1c52fb4c8a6b1e4d9022f53db0c35701d6f79d448d1df63f136909Secunia Security Advisory - A vulnerability has been reported in Condor, which can be exploited by malicious people to bypass certain security restrictions.
ab47a5138a9ce5ec63f1504bcdbb93dadf9de8d03dafd5b0a1ce6cfd83142475
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed