This Metasploit module exploits a -dSAFER bypass in Ghostscript to execute arbitrary commands by handling a failed restore (grestore) in PostScript to disable LockSafetyParams and avoid invalidaccess. This vulnerability is reachable via libraries such as ImageMagick, and this module provides the latest vector for Ghostscript.
9a18d75e03ae94b3478787aa8898389327fe3597f03bcf6872c9a239283731ae
Ubuntu Security Notice 3760-1 - It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code.
17d61e26c4746d407d65fe27eb577e00ab7563f719d42bd8efc126401b9904bb
DokuWiki version 2018-04-22a Greebo suffers from a CSV formula injection vulnerability that allows for arbitrary code execution.
38a0d8c9e2bdcd800dc35d4dc193605ee19bb114a8e64314caf3b92b9531141a
ProConf Peer-Review and Conference Management versions 6.0 and below suffer from an insecure direct object reference (IDOR) vulnerability that allows for file disclosure.
cf0a798397e6134737fc62d6ddc8c42553a30335d607055c61361acb9eaaa401
Cisco Umbrella Roaming Client version 2.0.168 suffers from a privilege escalation vulnerability.
854cf7db0661e303d1f8f5b7c306d195ce2e38588bfe4d01a79185f9c9bd01a8
KONE KGC versions 4.6.4 and below suffer from unauthenticated remote code execution, denial of service, local file inclusion, and missing FTP access control vulnerabilities.
24a911638d8739b82ef739ff95871523a6aba5b8a61b2ae7d362519d4d6d759d
Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 to fix security issues.
0bde2d781a178c6362761a8be95bfb3ce4ff4263e4f481f42b4c1eef1ffc4194
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
28bd391a40713f1f274464b23e879a04c943294e8a0c4a3bbe24c3859b4bf2e3
Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
14096838d0d04a2c7293306d0348996f3bc0573fc8dac84c87bec5efcb0a8b1b
Slackware Security Advisory - New ghostscript packages are available for Slackware 14.2 and -current to fix security issues.
0ee3d64e3cd11cefb550aa4b74364a979ca8f647d10d1019f752f52fc9478e97
Debian Linux Security Advisory 4286-1 - Zhaoyang Wu discovered that cURL, a URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32-bit systems.
bbcf61aaad1ed97d1ae1784f4ceeac29a2930166d62674c6c527d9a84a30d1db
Debian Linux Security Advisory 4285-1 - Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager. Owners and listmasters could use this flaw to create or modify arbitrary files on the server with the privileges of the sympa user, or owners could view list config files even if edit_list.conf prohibits it.
5c2ba7cbb9fcd992151e2ae9f06b6209136ab9b39e986818b4270b3422c42f07
D-Link Dir-600M N150 suffers from a cross site scripting vulnerability.
444f11430a660b04c77652051691fc159b0b02f27a439acb64ed151f8e15d1ec
WirelessHART Fieldgate SWG70 version 3.0 suffers from a directory traversal vulnerability.
ae75355a974429fe425cf67424fe3abf2e45a54ecb442e56aedba29a976a9490
Jorani Leave Management System version 0.6.5 suffers from a remote SQL injection vulnerability.
47974d826b3ed08e2eaa6f2150d34c2ce21e673acda68c54fdc0ca5aa529ae0e
Jorani Leave Management System version 0.6.5 suffers from a cross site scripting vulnerability.
54e2aa00b5032b1aa0b8e795ccc7a6b48a9688e73edfa20ec16db0b59cdd6d4b
Apache Roller version 5.0.3 suffers from an XML external entity injection vulnerability that allows for file disclosure.
be3369e92980b9a1ab61fa5a01afb6bc1276b06e7260e77f2a410fcd621f3d41
This is a small tutorial write-up that provides a DynoRoot exploit proof of concept.
05bd61cb8ce0024fe6348ca11ae1d9aa32b087a7faf6df353ddc2aface0c11eb