Crashmail version 1.6 suffers from a buffer overflow vulnerability.
72b5c7d1b766f470a4442575cddacd62886be8f487d3aa3e49019afcfcf0323c
Red Hat Security Advisory 2018-0560-01 - collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files. Because the daemon does not start up each time it updates files, it has a low system footprint. The following packages have been upgraded to a later upstream version: collectd. Issues addressed include a double-free issue.
309beb40670f2053c28b04a6381d084db570ca83d6a0cf6702820c0308f4e93a
Ubuntu Security Notice 3603-2 - USN-3603-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 12.04 ESM. Matthijs Kooijman discovered that Paramiko's SSH server implementation did not properly require authentication before processing requests. An unauthenticated remote attacker could possibly use this to execute arbitrary code. Various other issues were also addressed.
0dba1780104df54d79e6059d50386a9e081391f92e1021c92e3023fc6cc33aba
Ubuntu Security Notice 3603-1 - Matthijs Kooijman discovered that Paramiko's SSH server implementation did not properly require authentication before processing requests. An unauthenticated remote attacker could possibly use this to execute arbitrary code.
65cdafbb08b17ca0dab20595320dbe4f87f97a8389c628e2f58e580a9c755f6f
Ubuntu Security Notice 3602-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
8de81605107439c7bd26e9b88f950b51e55cba96622221349729f7385471acb0
This is a whitepaper that goes over methodologies for web application penetration testing. It is very thorough with examples and overviews.
5f258ff9e75dba499306df2a06fa89e9eebcc2fd3b3ee0b82a6a2a06f26b66fd
Intelbras Telefone IP TIP200 LITE suffers from a local file disclosure vulnerability.
7508d8d3626c3b4ad34f89f54d966efc014a5bba42c18581ea35ff5d34698a07
Compass Security discovered a design weakness in Microsoft Intune's iOS Keychain management. This allows users to access company data even after the device has been unenrolled.
ddd63a88b904946a23a9cb733e253b9a99ce019c4a471fdab65dc2abd2085145
Kamailio versions 5.1.1, 5.1.0, and 5.0.0 suffer from an off-by-one heap overflow vulnerability.
b66a979516888fcd02663798f792032a195e6a13fb1ac62c080ec038c284f8d0
Vehicle Sales Management System suffers from cross-site scripting, shell upload, and remote SQL injection vulnerabilities.
0fdd7c46c9176818beeeae5259f5201551d88ed32060f5edf8e664fbef680ddd
Gentoo Linux Security Advisory 201803-9 - Multiple vulnerabilities have been found in KDE Plasma Workspaces, the worst of which allows local attackers to execute arbitrary commands. Versions less than 5.11.5-r1 are affected.
1a99ed9c04d1af0265311cdc75bf6d473c91cb41d73ad134c0f8468a24265da5
Gentoo Linux Security Advisory 201803-8 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 29.0.0.113 are affected.
5b2d69ebb36a1c24d6164e5b396122c0915d8f806d0e8e383baa90080663f637
Gentoo Linux Security Advisory 201803-7 - Multiple vulnerabilities have been found in Gentoo's JabberD 2.x ebuild, the worst of which allows local attackers to escalate privileges. Versions less than or equal to 2.6.1 are affected.
bf15f2eebb72463e49aeb0ca166c7c99fcd782938b6bc67549b18321f14afdfc
Red Hat Security Advisory 2018-0548-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a denial of service vulnerability.
3aa5c033e605eb47138b500e3db29784f1b236011aa47287f8c5889ba0a58ed3
Red Hat Security Advisory 2018-0546-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a denial of service vulnerability.
db1f289f427bd82e2a0a7609c87f6b5b7083d2d8e803b8c16e248b56f991e700