iSmartAlarm CubeOne suffers from a remote command execution vulnerability that allows disabling the alarm and setting it off.
Ubuntu Security Notice 3353-2 - USN-3353-1 fixed a vulnerability in Heimdal. This update provides the corresponding update for Samba. Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Samba clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network servers or perform other attacks.
Ubuntu Security Notice 3353-1 - Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Heimdal clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network services or perform other attacks.
Cisco DDR2200 and 2201v1 ADSL2+ Residential Gateway devices suffer from insecure direct object reference vulnerabilities that allow for remote code execution as well as a path traversal issue.
WDTV Live suffers from a remote SMP password reset vulnerability.
Counter Strike: Condition Zero .BSP map file code execution exploit.
Firefox version 50.0.1 full ASLR and DEP bypass exploit using ASM.JS JIT-spray.
Apache Struts 2.3.x Showcase remote code execution proof of concept exploit.
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
Dasan Networks GPON ONT WiFi Router H64X Series suffers from a system configuration download vulnerability.
Orion Elite Hidden IP Browser Pro versions 1.0 through 7.9 bundle insecure versions of Tor and OpenSSL and also suffer from man-in-the-middle vulnerabilities.
Debian Linux Security Advisory 3908-1 - An integer overflow has been found in the HTTP range module of Nginx, a high-performance web and reverse proxy server, which may result in information disclosure.
Ubuntu Security Notice 3352-1 - It was discovered that an integer overflow existed in the range filter feature of nginx. A remote attacker could use this to expose sensitive information.
Ubuntu Security Notice 3351-1 - Felix Wilhelm discovered that Evince did not safely invoke tar when handling tar comic book files. An attacker could use this to construct a malicious cbt comic book format file that, when opened in Evince, executes arbitrary code. Please note that this update disables support for cbt files in Evince.
Microsoft Windows has a bad fix for the COM session moniker that can allow for elevation of privilege.