HTML Video Player version 1.2.5 suffers from a local buffer overflow vulnerability.
fb293b160674d4eeb22080384cd6bd4fMySQL User-Defined (Linux) x32 / x86_64 sys_exec function local privilege escalation exploit.
6836b2b8653660838622bcc3b783c738Faleemi Desktop Software version 1.8 local SEH buffer overflow exploit with DEP bypass.
6fe28cf8e13b1400f7afc55898edbfa6R version 3.4.4 local non-SEH buffer overflow exploit for Windows XP SP3.
db8103189a864d8a8c0b76e3ae669ef3MySQL user-defined (Linux) x32 / x86_64 sys_execfunction local privilege escalation exploit. Can be leveraged against versions 4.x and 5.x.
11297728ea4b88223b36ef198b04aabcJoomla! Easy Shop component version 1.2.3 suffers from a local file inclusion vulnerability.
3509bcf57a850b72f093872afe9be95fPHP Dashboards NEW version 5.8 suffers from a local file inclusion vulnerability.
b848b3c5fb7d6f6a2ec83b189546a946SeoToaster Ecommerce version 3.0.0 suffers from a local file inclusion vulnerability.
9f2299407ce91ffabeb1fed35708460fMozilla Firefox versions 64 and below have an issue where an overly liberal same-origin policy for file URIs and a bug in the implementation of this policy make Firefox vulnerable to exposure of local files to a remote attacker.
fe019fa6ad6c40086ca4f91c26ff77f8Check Point ZoneAlarm version 8.8.1.110 suffers from a local privilege escalation vulnerability.
d5cc68c9e775edbaf57809134a79ebcbUbuntu Security Notice 3861-2 - USN-3861-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform privileged actions. Various other issues were also addressed.
1d929df08d738a1407781094c847f6a4Ubuntu Security Notice 3861-1 - It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform privileged actions.
a1e50592c0cb58f40bf65035005c7ba9xorg-x11-server versions prior to 1.20.3 Solaris 11 inittab local privilege escalation exploit.
c844abebb3b3d8d2300403bc8e829523Debian Linux Security Advisory 4365-1 - Stephen Roettger discovered a race condition in tmpreaper, a program that cleans up files in directories based on their age, which could result in local privilege escalation.
b7df79db42b0fc4f6ea9529905cda3e3Ubuntu Security Notice 3855-1 - It was discovered that systemd-journald allocated variable-length buffers for certain message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. It was discovered that systemd-journald allocated variable-length arrays of objects representing message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
42433c95e77000de53479462231b8fa3Code Blocks version 17.12 suffers from a local buffer overflow vulnerability.
e15e64174e078aee560c7bd3cb29a211Ubuntu Security Notice 3850-1 - Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remote attacker could possibly use this issue to perform a replay attack. It was discovered that NSS incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. Various other issues were also addressed.
f31e765a83742d73f9519be5d73246a3Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
8076f11045b5a94fd4ef0a0114b845f6The Quick Setup component of RSA Authentication Manager versions prior to 8.4 is vulnerable to a relative path traversal vulnerability. A local attacker could potentially provide an administrator with a crafted license that if used during the quick setup deployment of the initial RSA Authentication Manager system, could allow the attacker unauthorized access to that system.
931d37612cf8560f64b71f15da93dbc1Gentoo Linux Security Advisory 201812-11 - Multiple vulnerabilities have been found in Rust, the worst which may allow local attackers to execute arbitrary code. Versions less than 1.29.1 are affected.
8bd40344a33775e5023f354026bc9486Terminal Services Manager version 3.1 SEH local buffer overflow exploit.
ad2ab586467fac1fecdbf7d288d6ed0fAnyBurn version 4.3 SEH local buffer overflow exploit.
2647139a9e50e499f8b41f2579de83bfMultiple vulnerabilities were found in the GPCIDrv and GDrv drivers as bundled with several GIGABYTE and AORUS branded motherboard and graphics card utilities, which could allow a local attacker to elevate privileges. Affected versions include GIGABYTE APP Center 1.05.21 and below, AORUS GRAPHICS ENGINE 1.33 and below, XTREME GAMING ENGINE 1.25 and below, and OC GURU II 2.08.
5cad18f5b078e0d55bd9a0c74f26e7ccMultiple vulnerabilities were found in the GLCKIo and Asusgio drivers installed by ASUS Aura Sync, which could allow a local attacker to elevate privileges. ASUS Aura Sync versions 1.07.22 and below are affected.
bf9ed2614877e99c373ab955e1c3e901Ubuntu Security Notice 3849-1 - It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
ab84b9e247a45108e4c874fdfe0f245f
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed