Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
94e3405d2449394f4449f18b02472b43cafab01511a07812319b780545eec75dRed Hat Security Advisory 2018-2572-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.4 will be retired as of February 28, 2019, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.4 AMC after February 28, 2019.
fdb6aa505d93686809c13d198cc2a804535e5e6ed5300c098904ef0da7b63fc3Ubuntu Security Notice 3756-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.
4d3e0fef07b4fa6cea9ef708a373c5f9e59546b79c7bad817f04b77621877e2fUbuntu Security Notice 3755-1 - It was discovered that GD incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. It was discovered that GD incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.
af3eebe3f93ef0e1276ae9901097f86493484a7d3ac0d9d48410d132b8ffdf80Red Hat Security Advisory 2018-2570-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.
253120ac3d5a1cc582da6df87b389508821eea55556219f9c098c1d3ff8f6e7cWhatsApp version 2.18.61 suffers from a memory corruption vulnerability.
05f98770c14444ad83cddd23fdf265911dab07c1540b1184699a7badf9180432Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.
06bfdd27cdd81a700680df765616c42350869863b9bd88df5cddfb49c7dd691aInstagram App version 41.1788.50991.0 denial of service proof of concept exploit.
19773d693baf656adb5bb92660a0ea4e3c6a258c1d0293bcdfdf65cff8a63442SIPP version 3.3 is prone to a local unauthenticated stack-based overflow vulnerability.
f9a8a2ae3dd3fabf0391c08cc0e25a4650275a9a381a853ab709bfb0a1911291Red Hat Security Advisory 2018-2569-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP30. Issues addressed include denial of service and traversal vulnerabilities.
2b9eb923576c2783e71bbd165d8b900ace1dbb212be4907b730fb79db1aec912Microsoft Windows Advanced Local Procedure Call (ALPC) local privilege escalation exploit.
72b0e5a43d223478f7a486b1ed1b7acbdfb0c2859f77ebe2af32a9a113ac1f44Electron WebPreferences suffers from a remote code execution vulnerability. Versions affected include 3.0.0-beta.6, 2.0.7, 1.8.7, and 1.7.15.
a641a73a84beacc9765a0594fd07c7aaa5f21b5c075d2b74e7da2f66ed14e583Wayland suffers from an out-of-bounds memory access vulnerability in wl_connection_demarshal() on 32-bit systems.
a5b496aada6d3dd3afac34e9833a4bacdfe530c465d39fb4a1e110a1857e5b94There is a use-after-free vulnerability in jscript.dll related to how the lastIndex property of a RegExp object is handled. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network. The vulnerability has been reproduced on multiple Windows versions with the most recent patches applied.
f62d6b1e08f80d9d1673d2fc9b2eeec824adb1729417fe99c60cc9f5f1203e01Red Hat Security Advisory 2018-2571-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.
9c97fcca37429d76dd4735b04e9372618efe6fbbfc5cda020a00a45723751015R version 3.4.4 SEH buffer overflow exploit.
67629e9cd8ab228fb6f2ea58dbcaff86b941af50ae1631468726595ee2201ce4Red Hat Security Advisory 2018-2568-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Issues addressed include denial of service and traversal vulnerabilities.
81773aa1b0c169ccfc2ecf36d8c9f4c0317742188a742e2b2301bcb4c9f0dc85CMS ISWEB version 3.5.3 suffers from a cross site scripting vulnerability.
59d969b81475e2afd4ba7e12456e0534092ed5598a12475ccdf7e2ce8a53e996D-Link DIR-601 version 2.02NA suffers from a privilege escalation vulnerability.
33474835141701c30736e8087db9ef916d7adae2878081c9250a53fa48299500
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed