FS Freelancer Clone suffers from a remote SQL injection vulnerability.
1f4b5ec15f3ce1622270a509b91ddc80ec0f418b6cf79be3b04762928a6c1665
Ubuntu Security Notice 3441-2 - USN-3441-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
7aae14ec5ba893ef0d780ab62a86bba669dd2dbe21dca9f3ab0beb40cb92a0f0
Ubuntu Security Notice 3458-2 - USN-3458-1 fixed a vulnerability in ICU. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ICU incorrectly handled certain inputs. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
e5f20afd7d7e0e8d8e517e0c5504d5f49f164f954343b98e97920f4233af7766
Ubuntu Security Notice 3461-1 - It was discovered that the NVIDIA graphics drivers contained flaws in the kernel mode layer. A local attacker could use these issues to cause a denial of service or potentially escalate their privileges on the system.
663258a4aea245e2accd9a76c115a3fbe688ebb2ab8f368a1d2605cf04ace536
Ubuntu Security Notice 3458-1 - It was discovered that ICU incorrectly handled certain inputs. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
274a8461ed742fcb98d0a61c06e1852430fc7a0eb87b93f78e51758031e7048a
Ubuntu Security Notice 3460-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
384ba8dedaf6420ae5558b7f6d647f6c22ec2ef1adbb37214209079c32ac2906
Kaltura versions 13.1.0 and below suffer from a remote code execution vulnerability.
73bbdc3dfb63fe71bff9b533363ded6daba1c5d251d456a8d077bb1e4caf737c
Gentoo Linux Security Advisory 201710-27 - Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.78 are affected.
38689f62169ad9727d20db758cda09ebd860a0cf445ff581a92ce63c5f6b096a
Gentoo Linux Security Advisory 201710-26 - Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.3.0:2 are affected.
869f6c6e091d19293a71cba637355cc94a93b938d26ef5543bfaaf688f1098ed
Gentoo Linux Security Advisory 201710-25 - Multiple vulnerabilities have been found in the PCRE Library, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 8.41 are affected.
2193225aa04df440a7b00f39ed529a699177212702436597ca09649b8e8a3b5d
Red Hat Security Advisory 2017-3002-01 - Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. The following packages have been upgraded to a later upstream version: rh-nodejs4-nodejs. Security Fix: It was found that Node.js was using a non-randomized seed when populating hash tables. An attacker, able to supply a large number of inputs, could send specially crafted entries to the Node.js application, maximizing hash collisions to trigger an excessive amount of CPU usage, resulting in a denial of service.
b7c8154b1f5237a078676a57b89ad1b4f6366494158e4a90b9f5691fbdad6562
Red Hat Security Advisory 2017-2999-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 151. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
5a4ce654a7f1a56a3e0c28d38c35a7bd07a67e4a9e13e00e1109d326f55215e6
Gentoo Linux Security Advisory 201710-24 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 62.0.3202.62 are affected.
a3f601b3c1424c220b0f15954ed5a1dea8576ebb6231a9b661bad5f2fb60ea2d
Gentoo Linux Security Advisory 201710-23 - Multiple vulnerabilities have been found in Go, the worst of which may result in the execution of arbitrary commands. Versions less than 1.9.1 are affected.
bf94b265f8846c16e26ea3dc339c3f0268d4a939482de4292f29ffc877facace
Gentoo Linux Security Advisory 201710-22 - A vulnerability in Adobe Flash Player might allow remote attackers to execute arbitrary code. Versions less than 27.0.0.170 are affected.
dc65b829c89803538e09910cafc7de0940c865803aba55f2c2c947582b61ed06
Ubuntu Security Notice 3459-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.58 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10 have been updated to MySQL 5.7.20. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
60e04cc4314d1e6802ea9de37fddc302419ea27711619e9ac828c586652f347f
Ubuntu Security Notice 3457-1 - Brian Carpenter discovered that curl incorrectly handled IMAP FETCH response lines. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.
1b115a38c70e2d18635e3fe9217eb65e896a4c7c70caa393bd607a28352ff906
This article presents a cross-platform test harness written in Python that assists the user in searching for vulnerabilities in web browsers, specifically by fuzzing their font parsing functionality. The tool automates the delivery of test cases (font files in this context) into a web browser. The creation of a corpus of mutated TTF font files suitable for use in fuzzing is also covered.
c8318c528d7e608b8d2215bee4998862b6f54b96d2c952d42a31f344c81b6f0d