Binance version 1.5.0 suffers from an insecure file permission vulnerability.
0ba40ef38f7c377b34843572406e4fa76e67e64496e66eefba5e463e61a79b4a
HomeMatic Zentrale CCU2 suffers from an unauthenticated remote code execution vulnerability.
b4f6a0c88899f62f3f28993af5b88a42122c638c13259600aa79b07025590e42
Ubuntu Security Notice 3717-2 - USN-3717-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PolicyKit incorrectly handled certain duplicate action IDs. A local attacker could use this issue to cause PolicyKit to crash, resulting in a denial of service, or possibly escalate privileges. Various other issues were also addressed.
0e50fe8144849a5cdb19a5c84bfb390d531f53793544abd196d8c4665d9109c3
Red Hat Security Advisory 2018-2216-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
3dc70edca078d389b1c668dd81872c380a57b2d0c376028b81cd29fabc95e7af
Debian Linux Security Advisory 4247-1 - A timing attack was discovered in the function for CSRF token validation of the "Ruby rack protection" framework.
8190086dbd6a857b5e5b9fbeaf2d2e2876e63e54e53d615d5e4fb5c4ce3cedd6
Gentoo Linux Security Advisory 201807-1 - A vulnerability in tqdm could allow remote attackers to execute arbitrary code. Versions less than 4.23.3 are affected.
c2ff1c9645129cc635094a7ab18992e5a9294b30111d5694e55fa9ab84f5b797
Slackware Security Advisory - New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
036969020dfa214fb88dfbf1b119f2eedc77ece499f7bc5e881cdf1b874f5f11
Debian Linux Security Advisory 4249-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
bc817a1ba32502d64e44e0e7934bd20d5286ef7fe74125516251f3732335d796
Debian Linux Security Advisory 4248-1 - Multiple vulnerabilities have been discovered in various parsers of Blender, a 3D modeller/renderer. Malformed .blend model files and malformed multimedia files (AVI, BMP, HDR, CIN, IRIS, PNG, TIFF) may result in the execution of arbitrary code.
fea67846780c697b0fe1ace22ae0158ab68f7f1e777a3b34e3b13d1bd4e24e80
Doorkeeper versions 4.2.0 through 4.3.2 and 5.0.0.rc1 suffer from a token revocation vulnerability.
08ac87e1b829431db9b341f770173cc5f495a8851d19ff3fee5a5def79fd3e39
TP-Link Archer C2 router version 3.0 suffers from a remote code execution vulnerability.
a0e5aedad6b9c69fff87c8273ec4601ef3d05652bffa16e3abb3c7a3060d09e6
This Metasploit module exploits a command injection vulnerability in the change_passwd API method within the web interface of QNAP Q'Center virtual appliance versions prior to 1.7.1083. The vulnerability allows the 'admin' privileged user account to execute arbitrary commands as the 'admin' operating system user. Valid credentials for the 'admin' user account are required; however, this module also exploits a separate password disclosure issue which allows any authenticated user to view the password set for the 'admin' user during first install. This Metasploit module has been tested successfully on QNAP Q'Center appliance version 1.6.1075.
2512d7b1edc015bac56416ba2dcdd6270221ff0334fb6e455fe43015d981b8ba
This Metasploit module takes advantage of miner remote manager APIs to exploit a remote code execution vulnerability.
0ca07392f09cf7f9e00d05b5a58fc620e9f3f2ac9626ff815c38cd1ad9c63d14
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
85346b4d026e6a041c8e326d2cc64b5f5361b032075c89c5854f16dbc02fce6f
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
1936eb64f03aaefd6eb16cef0567457777618573826b94d03376bb6a4afadc44