Red Hat Security Advisory 2017-1731-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 26.0.0.137. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
32cef9657a3ce726d633e0dba2951591HP Security Bulletin HPESBGN03763 1 - Potential security vulnerabilities have been identified in HPE SiteScope. The vulnerabilities could be exploited to allow disclosure of sensitive information, bypass security restriction, and remote arbitrary code execution. Revision 1 of this advisory.
dc314fbc75a2d130657f6959ec35b3d9HP Security Bulletin HPESBGN03762 1 - Potential security vulnerabilities have been identified in HPE Network Node Manager i. The vulnerabilities could be remotely exploited to allow bypass security restrictions, cross-site scripting (XSS), and/or URL redirection. Revision 1 of this advisory.
0381a18a7544fb7fb594274929cf5fe3HP Security Bulletin HPESBHF03745 2 - Potential security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be exploited remotely to allow execution of code. Revision 2 of this advisory.
cd27e08a68e074bff92143609b3a4f8dPelco cameras suffer from multiple dom-based, stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
7f8219b6e322e2f71ec72c2c608d1040Shenzhen C-Data CD7201 with software version 2.4.6b and firmware version 7.1.0 suffer from authentication bypass, command injection, and cross site scripting vulnerabilities.
2f2406c1fed6720250bfb64cda0f49c8Pulse Connect Secure version 8.3R1 suffer from cross site scripting and cross site request forgery vulnerabilities.
f881d55ec2c771f14be93daa0a0887bfGentoo Linux Security Advisory 201707-13 - Multiple vulnerabilities have been found in libcroco, the worst of which may have unspecified impacts. Versions less than 0.6.12-r1 are affected.
1793e2952d6addae780a82cc3f100816Gentoo Linux Security Advisory 201707-7 - Multiple vulnerabilities have been found in JasPer, the worst of which could could allow an attacker to execute arbitrary code. Versions less than 2.0.12 are affected.
a80f5473fe70b14926714399895e5370Gentoo Linux Security Advisory 201707-6 - Multiple vulnerabilities have been found in virglrenderer, the worst of which could allow local guest OS users to cause a Denial of Service condition. Versions are affected.
3f4534c3255b0846c107799ebecc5712Gentoo Linux Security Advisory 201707-5 - Multiple vulnerabilities have been found in OpenSLP, the worst of which allows remote attackers to cause a Denial of Service condition or other unspecified impacts. Versions less than 2.0.0-r4 are affected.
1a3ddce2f748c7c3ff71382b62ca0845Gentoo Linux Security Advisory 201707-4 - Multiple vulnerabilities have been found in libsndfile, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 1.0.28 are affected.
38cbfd5398ee180b875237e9e50b1329Gentoo Linux Security Advisory 201707-2 - Multiple vulnerabilities have been found in Game Music Emu, the worst of which could lead to the execution of arbitrary code. Versions are affected.
9e23fc9a4f05a5a92addf2ea5ccd7279Gentoo Linux Security Advisory 201707-10 - Multiple vulnerabilities have been found in VLC, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.2.6 are affected.
a2c2fafa64935fe01062ec3036b6835bDebian Linux Security Advisory 3904-1 - ClA(c)ment Berthaux from Synaktiv discovered two vulnerabilities in BIND, a DNS server implementation. They allow an attacker to bypass TSIG authentication by sending crafted DNS packets to a server.
614af9c12cc1f45c436a7ec95a3703dbEMC Data Protection Advisor versions prior to 6.4 suffer from remote SQL injection and path traversal vulnerabilities.
bb15dd92d582999bd00052456097ccf3Debian Linux Security Advisory 3903-1 - Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code.
f22eb4c31adb069462aeb0325c0caef3HP Security Bulletin HPSBMU02933 3 - A potential security vulnerability has been identified with HPE SiteScope's loadFileContents SOAP features. The vulnerabilities could be exploited to allow remote code execution, arbitrary file download and Denial of Service (DoS). Revision 3 of this advisory.
b46d2429d4e90e14ac66308021a9d4e2Gentoo Linux Security Advisory 201707-1 - Multiple vulnerabilities have been found in IcedTea, the worst of which may allow execution of arbitrary code. Versions less than 3.4.0 are affected.
18e9d7e09504f55fd47e16f596d46c11Yaws server version2.0 suffers from multiple cross site scripting vulnerabilities.
e8a85c148e887e014427c7e9c438d040Humax Digital HG100R version 2.0.6 suffers from backup disclosure, root credential disclosure, and cross site scripting vulnerabilities.
d929ed2b472ae8a416c2a4ab898c7996RSA Archer GRC version 6.2.0.2 suffers from bypass, cross site request forgery, information disclosure, open redirection, and cross site scripting vulnerabilities.
6cf471214abe6297b8b4c071b0aa43fdOSCI-Transport library version 1.2 for German e-Government suffers from padding oracle, signature wrapping, and XML external entity injection vulnerabilities.
852b54bfa71394caa84d2551937c6f52Microsoft .NET Framework version 4.7 suffers from dll hijacking vulnerabilities.
5b1e4d178e8382d65a9f6aa04db6bba5Trihedral VTScada versions prior to 11.2.26 suffer from resource consumption, cross site scripting, and information disclosure vulnerabilities.
cb976665ca752634c866774df96acaff
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed