NethServer version 7.3.1611 suffers from a cross site request forgery vulnerability that allows you to create a user and enable SSH access.
506bd73cba435320476f8c6c120eb81758a4c66abbe6f9abe6c835471d9a47f9
NethServer version 7.3.1611 suffers from a cross site request forgery script insertion vulnerability in Upload.json.
2a0ace159ea005353227f89c3e7216fff084b687422b6176f3145b7decaf0f16
Debian Linux Security Advisory 3956-1 - Security consultants at NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan, a network manager for embedded devices. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in some cases, remotely execute arbitrary commands on the host running the service.
1c6dc41641177aab4fc2b9b58a615a854bef0b0a67b8e258359e3e8ec855a6e4
Debian Linux Security Advisory 3957-1 - Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. These issues could lead to denial of service and, in some situations, the execution of arbitrary code.
61083a45d9c0376a31be684fe8b36ad5076bd28860de87aa85fec64e5bb7effb
pyClamd is a Python interface to Clamd (the ClamAV daemon). By using pyClamd, you can add virus detection capabilities to your Python software in an efficient and easy way. Unlike pyClamav, which uses libclamav, pyClamd may be used by a closed source product.
b3fe02a7507c7edb286076361e381395bd1bef413c6345c139976657bcad9e17
Red Hat Security Advisory 2017-2538-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. Security Fix: A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory by sending specially crafted HTTP requests.
79ce5cdcbe0cbbc085c98d66b45bb72a7aa104db74a886fb9fc2df65ea217b15
Ubuntu Security Notice 3403-1 - Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service. Kim Gwan Yeong discovered that Ghostscript could allow a heap-based buffer over-read and application crash. A remote attacker could use a crafted document to cause a denial of service. Various other issues were also addressed.
6dd983d679492b9318efe888eca4eb9bab8194da18e90f8b337f86dad6d87e3d
HPE Security Bulletin HPESBHF03770 1 - A potential security vulnerability has been identified in Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat. The vulnerability known as "httpoxy" could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.
2af8ae566d18e3cd782b2353bc2bd160ea874bc5b28f246c238fe9f009bc5455
Ubuntu Security Notice 3199-3 - USN-3199-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter. Various other issues were also addressed.
1428af321c89f55dc7b12672634207a5aca4471a323e200ab47ff1cf2abb4b37
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
2ca96b106cbf6af495fe558e5111838c74cab0492e9b5d376f567b430e57052f
MISP (Malware Information Sharing Platform and Threat Sharing) versions 2.4.79 and below suffer from a cross site scripting vulnerability.
d5d95664a334a528dd6612f67991bd576886442c2f66af94f4b6396b958b356c
Ubuntu Security Notice 3406-1 - It was discovered that an out of bounds read vulnerability existed in the associative array implementation in the Linux kernel. A local attacker could use this to cause a denial of service or expose sensitive information. It was discovered that a NULL pointer dereference existed in the Direct Rendering Manager driver for VMWare devices in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
713a8ec2966db4dfb7a60eb6aba6c8abc38cb940925a7a8602735cf1998e3b56
Ubuntu Security Notice 3405-2 - USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
9fb7e5e4b1090eb89ab9343b4aac56e8f9b44171aade9cf1e7eb6e419ed30450
Ubuntu Security Notice 3405-1 - It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Huang Weller discovered that the ext4 filesystem implementation in the Linux kernel mishandled a needs-flushing-before-commit list. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
e985c878ac1f840112d8ae173a55521c302cdeedb1d58e78149cb339271b8e3a
Ubuntu Security Notice 3404-2 - USN-3404-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems.
2d34da306d516c16c1e2ce1d0a0fe419b9503fabe728dc169521bcf6b9b61947
OpenSSL Security Advisory 20170828 - If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format.
bfe693c207e12bf41b62de943a276fa92f260530bb94dfc8fc7787631bc42165
Ubuntu Security Notice 3404-1 - A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems.
fa33301449a180f6590fe7f0733eaeb35c623426b0539632995cb7b32c393c21
Matrimony version 2.7 suffers from a cross site request forgery vulnerability.
816a06c7d7595ef71786ff4e62fb3f1dc153c5931fd480a80b7b0ff526b4b08f
Whitepaper called Offensive and Defensive PowerShell. Written in Turkish.
2890c304c4261dd5eed0bdb50c6c7a26c5b83382a7c23c2b1b6541e599fd298f
Easy RM RMVB to DVD Burner version 18.11 buffer overflow exploit.
0e6caeaabff62e5b13661c152cc35327130cb5693f71488479e4f3a2ad4a8b9e
Posty version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6aac32b2b95d9b88395dda6d01793a7227412fd7fa133fa0f854618d81b1a38e
Easy WMV/ASF/ASX to DVD Burner version 2.3.11 buffer overflow exploit.
e32cd0f9d448918e1a94e76e77bfb0ff63cbbf3418eb1d6d9c56182c8950bec5
VX Search Enterprise version 10.0.14 remote buffer overflow exploit.
13eec855947676a3ba5f8e915538709a850cca19ce222df2d53ae8307fc7f669