ZoneMinder version 1.32.3 suffers from a persistent cross site scripting vulnerability.
e94efa7642936ba71bb0743ce4201017616e013258f90a2f172a6f409a8c519dCiuisCRM version 1.6 suffers from a remote SQL injection vulnerability.
be51038e0706dd6dc4aff4592294f2d56579b86b1996c3d6145005bffe24eba9Debian Linux Security Advisory 4473-1 - Multiple security issues were found in the rdesktop RDP client, which could result in denial of service and the execution of arbitrary code.
8c78b2006612b15ce35e2d55613451e342d36505cf13b9c7af35b24a67225bf2WorkSuite PRM version 2.4 suffers from a remote SQL injection vulnerability.
db1e0a50fe88e6acf597749ecdd0ca98cf1a68fec7ff0a0baf78a5ef34b6564aUbuntu Security Notice 4041-1 - USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem. Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service. Various other issues were also addressed.
38c17aacbb7b32c138b118b5a4022a5ed59168bcf511fb1f084a35b7d0a6e202Ubuntu Security Notice 4041-2 - USN-4041-1 provided updates for the Linux kernel in Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM. USN-4017-2 fixed vulnerabilities in the Linux kernel. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem. Various other issues were also addressed.
c7d4a3aaf64ac902122bdf9096c8ee39c4b00b7f851ae0fa3d01c3b2b30e7b7bThere's a task in Windows Task Scheduler called "SilentCleanup" which, while it's executed as Users, automatically runs with elevated privileges. When it runs, it executes the file %windir%\system32\cleanmgr.exe. Since it runs as Users, and we can control user's environment variables, %windir% (normally pointing to C:\Windows) can be changed to point to whatever we want, and it'll run as admin.
58e8c9a2922eb9b32f5e84d467e3b7a8e02cbd89977b2287f299fcfa861a0d71JS execution inside ScriptForbiddenScope can lead to a use-after-free condition in Google Chrome.
4fc1b906250e6f6a8054f27ecadabf5ff49d66951ffa585578a40731082a91b1Google Chrome suffers from a use-after-free vulnerability in AudioWorkletGlobalScope::Process.
69c0f2eade7e52a983ec44cfcf350ae8215fde7477f5777ca054bbb2cdd25e60Debian Linux Security Advisory 4472-1 - It was discovered that Expat, an XML parsing C library, did not properly handled XML input including XML names that contain a large number of colons, potentially resulting in denial of service.
fdaf8b352e1a0724c793ebdb3d309b230cc30c98f3b6142e34bb3151eafef9a5LibreNMS version 1.46 addhost remote code execution exploit.
e097a34b58d0c2df9716a65556604b2510639df3b7a0b98498f57b52615842f2129 bytes small Linux/x86 chmod + execute + hide output via /usr/bin/wget shellcode.
d71026b126f921724e16445e34b085a5d7ac0a2d632fd2da03c87d64173716c6There is a security issue where Google Chrome's PDF plugin is allowed to use the Pepper Socket API. Patches are included in this archive.
ad0eefb7789dc829f60df188dd516da0493ea392c5b128c25d5466f89a05305f191 bytes small Windows/x86 start iexplore.exe shellcode.
0847049573c193746ea36e43de7fcdafd94e46024c09f28c2f50f959e6cc4353Red Hat Security Advisory 2019-1626-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.
8b9b8d6cf3822cc19ee197bca2a176146e339b89f859f9e5e5358cb75d1c8c64Ubuntu Security Notice 4042-1 - It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service, or possibly execute arbitrary code
8c42095fc6d39595d3a76ea8338a85836c2746512cdbb94767ed708fe9698766Red Hat Security Advisory 2019-1623-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.
a862b1d7e05af64177914350e809feb8d4aba2124b6e1b3bbfc12c843966458eRed Hat Security Advisory 2019-1632-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an arbitrary file write vulnerability.
226035287bcd1c0d5089dd0ac15a540d945caf292909d2017b8aa39d1aa1fd1dRed Hat Security Advisory 2019-1633-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages and images. Issues addressed include an arbitrary file write vulnerability.
e6e8443c43325cc60b6222e6c7230d0d41b7cf0326abd29df0ecf5a18961512cRed Hat Security Advisory 2019-1624-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.
a32ac12e95b7d4d2133ede322d4ddb074852b0bb68a2a054b2117624ff9845bbRed Hat Security Advisory 2019-1619-01 - Vim is an updated and improved version of the vi editor. An arbitrary command execution vulnerability was addressed.
9f78b10b162715918d81c097d8a31392be9856d214d5b08414c63816c9ec453d210 bytes small Windows/x86 bitsadmin download and execute shellcode.
e9d5c3f3eed4ac99877670df0c79846e46237e60811013236f0f91d47c45142aLinux/x86 ASCII AND, SUB, PUSH, POPAD encoder shellcode.
0f59482898b8c68eff13a6977fa8a7526c9180866f8a667284241beca5475c10Ubuntu Security Notice 4040-1 - It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service.
251b85a8c68321ea23a55c52e49629c8a3a25fa86fb47f440c3f071922997ed6Ubuntu Security Notice 4040-2 - USN-4040-1 fixed a vulnerability in expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service.
f1885e6f06f6f2c730d8efe155ac5f1c76f1b005205c7c8535cdc2920730fa9f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed