Red Hat Security Advisory 2017-3392-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plaintext part rather than the encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.
ca32abbf1eb81bce01cfed2e18d19f591d66881e2fc8d09c626f0ebdc112de1e
Ubuntu Security Notice 3505-1 - Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information.
72a34e78317c166da81b0eff736ba721011438c53db42ebb9851cc788f20fcb6
Hashicorp vagrant-vmware-fusion version 5.0.0 suffers from a local privilege escalation vulnerability.
24aa1a353f029401bbaa881dd3478a872aa822825677ec04864bd8e1abe615ae
FS Makemytrip Clone suffers from a remote SQL injection vulnerability.
1ab8dd12c150bc42ae86696900e779fc3af6598d47ea1ff25f0a0d389ab73401
VX Search Enterprise version 10.2.14 buffer overflow exploit.
67c80b40f2f5738579c35d0fbbf9e82e90d4e8651d8a6c48fb6976727a048ebd
FS Facebook Clone suffers from a remote SQL injection vulnerability.
ab6647ce4347f1f619f0a1b0b4e7ce24f026709ca93905cc42f40270f84f8466
FS IMDB Clone suffers from a remote SQL injection vulnerability.
1a6748ee9ed73c167c5b03f1f6fd38c60b0fece2c5761b9bf1cf085754277641
Proxifier for Mac version 2.19 suffers from a local privilege escalation vulnerability.
9fbf43fc49a132a5d63bab0b1a34230d9aec8188c18601a2fac9f08e1e10f248
FS Shaadi Clone suffers from a remote SQL injection vulnerability.
7c3d67785eb7571bddbfa22587a2b3ac647a64890666345ed9c23032371fdd17
This Microsoft bulletin summary holds information regarding Microsoft security updates for December, 2017.
2cecaee488ea2d406fdee106beed031d3376b9ef0bd777c8bf8b89e5f5470a44
Murus version 1.4.11 suffers from a local privilege escalation vulnerability.
0e54dcdaf89088884b3b4fe8c860ce2c1820fba2438e4d457cf098eaa6db9be6
Hashicorp vagrant-vmware-fusion version 5.0.3 suffers from a local privilege escalation vulnerability.
a43a4f4049b059f5e05989d2e4d5835eb43f12c8ebe97a54b0d5b01a3c10b058
Hashicorp vagrant-vmware-fusion version 5.0.1 suffers from a local privilege escalation vulnerability.
a13caeb5ec2db813859827321e421beb3cb89c74635957eef18041162682a798
Readymade Classifieds Script version 1.0 suffers from a remote SQL injection vulnerability.
530b379f93769462b6ebb7bf637769953f2044d4448be62d3adfe79293544dd9
Techno Portfolio Management Panel version 1.0 suffers from a remote SQL injection vulnerability.
685ef5f2a835ecbeddd2666de5b2f1d38b36290cbf06c9bf46a49e89a39c7e3b
Perspective ICM Investigation and Case version 5.1.1.16 suffers from a privilege escalation vulnerability.
fe5a2efcbb06c628166488b411e5e50c98f3e34720f7cd6d471a027d8826b4d4
Within the Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows an attacker to execute arbitrary payloads with telnet or openssl.
3b279dce0d9c718461f40aa25c45dc95b868af836e0345f39644d63fbbe6acdf
This Metasploit module exploits a flaw in how the Equation Editor handles OLE objects in memory to execute arbitrary code using RTF files without interaction.
16ad4379e6651e3ce0e9433a9c32d2a5e70809affcfd3f999c329227ce6dbc46