Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
7f30cac92feeab2a9281b6059b96f9f163dce9aadcc959a6c0b9a2f6d750cee7This Metasploit modules waits for broadcasts from Ainz CrossChex looking for new devices, and returns a custom broadcast, triggering a stack buffer overflow.
fcc76b20f0ef9b7cb9eacc5f4294aa56b0c1f5cb9149be7799f84734a92a6d8eThe Samsung kernel suffers from a heap out-of-bounds write in /dev/tsmux.
cfdc74006e656bf14b792a3ef9b9b45e5579d2eed455326e014482691d8ebf38XPC fast path fails to ensure NULL termination of XPC strings, leading to memory disclosure and corruption vulnerabilities in XPC services.
177cb639e6a25a5904e8f4f9ae68c987f945f93207a3d09333a7ea42bc47e766launchd on macOS and iOS suffer from a memory corruption issue due to a lack of bounds checking when parsing XPC messages.
13c83122693a08ee0f24211a2e669324b5b58b62191c82afb69d83c51fdecf4aSuiteCRM versions 7.11.10 and below suffer from multiple remote SQL injection vulnerabilities.
6d0664ee294d9c0e355362341a51a1fb0526746a2bbe5d841ef37520620739c4Red Hat Security Advisory 2020-0487-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.
d07d1892269b8f92df66a4d09cc3d2fd52cb020b25b56e79796b27001a2d25efSuiteCRM versions 7.11.11 and below suffer from an add_to_prospect_list broken access control that allows for local file inclusion attacks.
bf17496e890701853063b6c0ff76d7e4c10126a589c0ff3f257def2dcf623ee6OpenTFTP version 1.66 suffers from a local privilege escalation vulnerability.
5d2b25539718d896a4dfdcdac7ba083b886438ab40228dcc00f3b42e60608afeSuiteCRM versions 7.11.11 and below suffer from an action_saveHTMLField bean manipulation vulnerability.
2180571bb1e2260ae7306d067b16cfbedbc9933b8f3852afefaabda12b8e98f8Pandora FMS version 7.0 suffers from an authenticated remote code execution vulnerability.
e8569c21b7bc7bcd154f048ee7b342645684557e5d7eed9343a3c351f795a4a4Red Hat Security Advisory 2020-0497-01 - The release of Red Hat AMQ Online 1.3.3 serves as a replacement for AMQ online 1.3.2, and includes bug fixes and enhancements. Request smuggling and other security issues have been addressed.
26852e77b838e0d5a87fe97d3c16c806d3cdf8d7434d7b5456efee625099d1f1SuiteCRM versions 7.11.11 and below suffer from multiple phar deserialization vulnerabilities.
6635b4d98132797e97d5f7beb1446ac64f1d1b045f58dd11a4416288eebcbc03The AVIRA parsing engine can be bypassed by specifically manipulating the ZIP Archive (GPFLag) making the Avira parser believes the file to be encrypted although it isn't. This leads to the Endpoint ignoring the archive and the Avira Gateway Solutions to follow the "File is encrypted" logic.
ac2daf7bcc95857b4f5049cebd3177cbe3381b4badbb37ff3079ae24ed46821aThe ESET parsing engine can be bypassed by specifically manipulating a ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
e2f741cde9f439ac70973eeae7d76a4af0d0b4eb7a85e38074a57965ddaf71b3SuiteCRM versions 7.11.11 and below suffer from a second-order php object injection vulnerability.
0b39b583ac4c6a3f164f129018fb829ea101106ca187de455b16329ca19a3403Whitepaper called Packet Sniffer to Sniff Sensitive Credentials Only.
903f256eb800e55d6283faf82461a30ade3cfd200b4d8acd6dfd8b9a89f6d7d6SweynTooth captures a family of 12 vulnerabilities (more under non-disclosure) across different Bluetooth Low Energy (BLE) software development kits (SDKs) of six major system-on-a-chip (SoC) vendors. The vulnerabilities expose flaws in specific BLE SoC implementations that allow an attacker in radio range to trigger deadlocks, crashes and buffer overflows or completely bypass security depending on the circumstances.
f44bedf383c9d61f39058db170d8ca3ef17bc3122bb8b97a69aca174d01d9633
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed