PHP Dash boards version 4.5 suffers from multiple remote SQL injection vulnerabilities.
f4f36dea50018961dabb14f2e00be3498aec2183a931e075dd5e8a72f92ae9bf
MySQL Smart Reports version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
f84eda3271059f08b9a99d7263f73d44a340114c34afcf6977c66cad9edbd3c7
Red Hat Security Advisory 2018-1704-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP). RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.
89d9c49300037ce795360a8a9f19b168cf6d3e52f630bd9b024d9fe2cba95b14
Red Hat Security Advisory 2018-1700-01 - The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Issues addressed include a heap overflow vulnerability.
d4d5365cfb76f7ce8f2af4cce5618129ba46fda26873caa376506f600d65a496
Red Hat Security Advisory 2018-1701-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP). RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.
ab62574ba76a9ab7b9a080de532777c3d77057f673543c10572feddcfcafac50
This Microsoft advisory notification includes advisories released or updated on May 21, 2018.
dd66393e88ef4234037aebde65242331b999583858b6c0540f3cd1b4bfe1260e
VMware Security Advisory 2018-0012 - VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for the Speculative Store Bypass issue. The mitigations in this advisory are categorized as Hypervisor-Assisted Guest Mitigations described by VMware Knowledge Base article 54951. KB54951 also covers CVE-2018-3640 mitigations which do not require VMware product updates.
8a6cd5b75e3ff0ddbd73b394b015d3a71a9d29925858ca1769d9c51525a44241
MySQL Blob Uploader version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.
6fd698eb967b90203eea6bb081322800c08e24edea9eb038620a0aa69d08f339
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
ab6e5bbc3464c956347b8671ce8397950ad5daff3bf9964c967d495f4ddbcd88
Ubuntu Security Notice 3655-2 - USN-3655-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a side-channel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.
d20de8a8b1a91c1868f659ceb93e500b05dcd66acdac31b9a1b5e284acd625b6
Ubuntu Security Notice 3655-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a side-channel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Jan H. Schonherr discovered that the Xen subsystem did not properly handle block IO merges in some situations. An attacker in a guest VM could use this to cause a denial of service or possibly gain administrative privileges in the host. Various other issues were also addressed.
b4540785a10c68708436fa71415c979852b1d924f18c7bfa316d742b5563b642
Ubuntu Security Notice 3654-2 - USN-3654-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a side-channel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.
de22c970ed2387a5b65d9f771bda19a47f769cd6937f436e2540fe3278eafdcc
Ubuntu Security Notice 3654-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a side-channel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
5f261dbe5831c41c0bd4f2b983165daf32e4b78c0ecc0db3052a95ea2f5075e3
Ubuntu Security Notice 3653-2 - USN-3653-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a side-channel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.
24369ce639746b8afd34db0ce7bb0af4184336f65b3521bb65d2e20967beb378
Red Hat Security Advisory 2018-1660-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a bypass vulnerability.
f1f139301c24619d41bcb0deb699d711bb803e59e1ce908f2a64e28158866ab4
Red Hat Security Advisory 2018-1647-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a bypass vulnerability.
1a6655c9c0ce7379a10cbdf58ca475f184c2e8b9d261fadec9f7e0658017bc84
Red Hat Security Advisory 2018-1655-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a bypass vulnerability.
87fe7a482fa44b3be9e1c652fabba8215fb2a37cc4acd0dc4dfe6e19863661ce
Ubuntu Security Notice 3650-1 - It was discovered that xdg-utils incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.
6a5ebf917bd0274ba9ea544c2daca54131ca548be227d2bb18b1187bbd34ec91
Debian Linux Security Advisory 4206-1 - Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code.
b90e604494b3ffae9f36761ced67f9dddbd660ef359a92d76210c3f564e6c64f
Ubuntu Security Notice 3657-1 - It was discovered that the netlink subsystem in the Linux kernel did not properly restrict observations of netlink messages to the appropriate net namespace. A local attacker could use this to expose sensitive information. Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
ad6897168d9be2ebb02e98e78731eec9cd871a9b290d238a53272249a21e6d15
Ubuntu Security Notice 3656-1 - Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the F2FS implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
a9f3839c7a8545a6f6e3bf93c8de2afcce4efda346b3187919d8f91346066750
Gentoo Linux Security Advisory 201805-9 - A vulnerability found in Shadow may allow local attackers to bypass security restrictions. Versions less than 4.6 are affected.
e5db10936b8ea49eb1ee9d0e258728bf5131d1e687daa989b657ab9a509c7aeb
Gentoo Linux Security Advisory 201805-8 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 5.1.36 are affected.
3d5e74f6b70c1c78da94634a342b417296e87e5584a167d051247dcc32ea0e66
Gentoo Linux Security Advisory 201805-7 - Multiple vulnerabilities have been found in Samba, the worst of which may allow remote execution of arbitrary code. Versions less than 4.5.16 are affected.
75d9dc5f4726c1960e8dac452254838989ffb7cf7b89fa278040830e69875411
Red Hat Security Advisory 2018-1635-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
943432d24e3debe9045420bfc270d7cb54adc9cbd279a06140b19f0a7bc818d7