Ubuntu usb-creator version 0.2.x suffers from a local privilege escalation vulnerability.
27e7534406105f4aac22b824922f5877288f2d101993ee3f2c655de195ee6dd6Red Hat Security Advisory 2015-0884-01 - The novnc package provides a VNC client that uses HTML5 and includes encryption support. It was discovered that noVNC did not properly set the 'secure' flag when issuing cookies. An attacker could use this flaw to intercept cookies via a man-in-the-middle attack. All novnc users are advised to upgrade to this updated package, which corrects this issue.
7537486bde6230c7e70cace23d5c5d3bf77dce63d7ddb051bdae0a85496238ffMIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
8c363063fa6937826f8647e47fc3e5ef999ccb90110e0cb64befdd45cda8372cHoneywell XLWEB SCADA controller suffers from a remote path traversal vulnerability that allows for remote code execution.
ee6a9dd2740fbab23901b5e759ec313b5cebd9ef618a61394f8d8704f2189df1Ubuntu Security Notice 2577-1 - It was discovered that wpa_supplicant incorrectly handled SSID information when creating or updating P2P peer entries. A remote attacker could use this issue to cause wpa_supplicant to crash, resulting in a denial of service, expose memory contents, or possibly execute arbitrary code.
2279e6e2ac03ad8f13aa40eceaf5e03cab1e3b0eb08e72e03a747b70f05a2ffcUbuntu Security Notice 2576-1 - Tavis Ormandy discovered that usb-creator was missing an authentication check. A local attacker could use this issue to gain elevated privileges.
e4168614543efb3387f9b85d0e927ff750f006c5190161c6b8ba4fc4b5c04da2Ubuntu Security Notice 2576-2 - USN-2576-1 fixed a vulnerability in usb-creator. This update provides the corresponding fix for Ubuntu 15.04. Tavis Ormandy discovered that usb-creator was missing an authentication check. A local attacker could use this issue to gain elevated privileges.
e8d76a6c30bc2003f499f1da7592ef43ae21b9dc020edfc72a2265a142333221Avsarsoft Matbaa Script suffers from cross site scripting and remote shell upload vulnerabilities.
66d3454214fa484ffc9e57110b11324f1f1dae0d839287ad32694e041cc64bedPligg CMS version 2.0.2 suffers from a cross site scripting vulnerability.
f1df25d6bd296cf443cd0a2ec4f50554b65c1ab71679ebb6e90c7982ab54faa6ZYXEL P-660HN-T1H_IPv6 remote configuration editor / web service denial of service exploit.
8813feb1830fa068aa80eccbe2bace47ee9518e75012d7355ca4cf61c035dbf0Free MP3 CD Ripper versions 2.6 and 2.8 .wav SEH-based buffer overflow exploit.
373482138ce00dfe1ff90d3548d03d8d3b56c24f77088b12e099501be649772awpa_supplicant version 2.x on Android suffers from a heap overflow that can lead to memory information leaks and remote code execution.
01ee6f07cd1dc7ed4b4d9fe43c5c2e39e7896e387437595d2ed70ee28df47ecbDnsmasq version 2.72 does not properly check the return value of the setup_reply() function called during a tcp connection (by the tcp_request() function). This return value is then used as a size argument in a function which writes data on the client's connection. This may lead, upon successful exploitation, to reading the heap memory of dnsmasq.
15ce37ec8c0427813ec7b2856b386f96b7f86c6dd544e1d7626c85e4d9919940Socrata Online Service suffers from a script insertion vulnerability.
00abdd243861d3f2dc99eff7e496437710ed8714f01a0e953dabdfe6818b6a52Magento eCommerce suffers from authentication bypass, local file inclusion, remote file inclusion, and remote SQL injection vulnerabilities.
b1bb0bc0421bad1545aa417e1a52602a15ab67d91412ccd0951fcf453a82a036
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed