RSA Authentication Manager versions prior to 8.3 P1 suffer from a cross site scripting vulnerability.
2b223860956e93ac2c2acca73aaeef144d258adc465344b1754d85ef3b5684cdDebian Linux Security Advisory 4228-1 - Several vulnerabilities were found in SPIP, a website engine for publishing, resulting in cross-site scripting and PHP injection.
5a5feaaf506512f745c53f9e670f39ae79f695bebb733d1abd47c840d8bddca1Ubuntu Security Notice 3678-4 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
70613b1dd8bebafbf47b8ff616c76fc30f6a92857dbf198e9f0fbe3db6e8e22fRed Hat Security Advisory 2018-1852-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
19ab2687ceb485d0479ff41218a79b7bd4a249b760c23a13683264c202621293Ubuntu Security Notice 3675-2 - USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the corresponding update for GnuPG 2 in Ubuntu 16.04 LTS and Ubuntu 14.04 LTS. Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the status of the cryptographic operation reported by GnuPG. Various other issues were also addressed.
0897462e75854fb4e6baef305d59332291756546f6848648d42df67f1e8ed263Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit that can lead to leaking of sensitive data, code execution, and more. Various 2.20.x versions are affected.
c0220c58b288dbb3089fcc06182e86efa1aa62220a826e40338a53ed4207e04aUbuntu Security Notice 3685-1 - Some of these CVEs were already addressed in previous USN: 3439-1, 3553-1, 3528-1. It was discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a buffer overrun. It was discovered that Ruby incorrectly handled certain files. An attacker could use this to overwrite any file on the filesystem. Various other issues were also addressed.
60f255fcb7dd889a143694b47735ea1ee2e3231d8c3486947620ea6096bc226bGentoo Linux Security Advisory 201806-4 - Multiple vulnerabilities have been found in Quassel, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 0.12.5 are affected.
779e58431c2af113e03ed8db2a2c230b0e6986853d41570ca3eeafc0829d4138Ubuntu Security Notice 3686-1 - Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. Alexander Cherepanov discovered that file incorrectly handled certain long strings. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. Alexander Cherepanov discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.
05ad4392d125c7b662cb1712b5aa9d236d115c9f15d0ec8ebbe0e97a51fde01eThis Microsoft advisory notification includes advisories released or updated on June 13, 2018.
b81a1d6199c844c4cc6acc1813b9b373ba7ccc1bf07803e89c7c4462e02270ffmsploitego is the pentesting suite for Maltego. msploitego leverages the data gathered in a Metasploit database by enumerating and creating specific entities for services. Services like samba, smtp, snmp, http have transforms to enumerate even further.
8e49a427b89e77829f637050b63b7f3b4b807da701532e1a03fa3df59ba6be22rtorrent versions 0.9.6 and below denial of service exploit.
f7be24ced979554cd7ece10f47684061f0d8fff02b634f27179262b3a3a47322Joomla Ek Rishta component version 2.10 suffers from a remote SQL injection vulnerability.
1554dda65d8042274643fc15a0ead8f681998dc9fcd86ab72570018f4844b423Soroush IM Desktop App version 0.15 suffers from an authentication bypass vulnerability.
6131c5df1752ce00c46f14d1047b8acf2d8106bdd6de143f625d0c25bd3eae09Whitepaper called EggHunter Buffer Overflow for Windows. Written in Arabic.
2bfed292e02018566ece557c276b5957224e44b1fd1f1b4fdb9981a2795a6c06Whitepaper called Lateral Movement using WinRM. Written in Arabic.
f4c899e0fb64fffc6ec0c49647494076b523743696280a7f539e095362ea70b2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed