17 matches found
EUVD-2012-1227
Malware in sbrugna...
The Ramifications of Ukraine’s Drone Attack
You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare: If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing the same with U.S. air bases? Or the...
RHEL 9 : gstreamer1-plugins-base (RHSA-2025:7243)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7243 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contai...
[SECURITY] [DLA 4021-1] 389-ds-base security update
Debian LTS Advisory DLA-4021-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura January 19, 2025 https://wiki.debian.org/LTS ...
RHSA-2024:11117 Red Hat Security Advisory: gstreamer1-plugins-base security update
Bulletin has no description...
SUSE-SU-2023:3225-1 Security update for qt6-base
This update for qt6-base fixes the following issues: - CVE-2023-34410: Fixed certificate validation does not always consider whether the root of a chain is a configured CA certificate bsc1211994. - CVE-2023-33285: Fixed buffer overflow in QDnsLookup bsc1211642. - CVE-2023-32762: Fixed Qt Network...
PT-2023-35925 · Oracle · Java.Base
Name of the Vulnerable Software and Affected Versions: java.base (affected versions not specified). Description: A security exception crash has been reported in java.base. The crash occurs in the java.util.regex.Pattern class, specifically in the Loop.match, GroupTail.match, and BranchConn.match...
OESA-2023-1296 qt5-qtbase security update
This package provides base tools, such as string, xml, and network handling. Security Fixes: Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and...
Process_Overwriting - Yet Another Variant Of Process Hollowing
Process Overwriting is a PE injection technique, closely related to Process Hollowing and Module Overloading. Process Hollowing, aka RunPE, is an old and popular PE injection technique. It comes in a variety of flavors, but there are some steps in common: 1. Start by creating a process in a...
Amazon Linux 2 : 389-ds-base (ALAS-2021-1723)
The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1723 advisory. A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then...
Unspecified Vulnerability in Oracle Installed Base
Oracle Installed Base is a project lifecycle management application from Oracle Corporation (Oracle). It provides enterprise-wide internal lifecycle project management and tracking capabilities. A security vulnerability exists in the APIs component of Oracle Installed Base version 12.1.3. An attack...
silvertentacle.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1051963. Security researcher howardpotts (helped patch 258 vulnerabilities, received 3 Coordinated Disclosure badges, received 1 recommendation), a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting silvertentacle.com websi...
[SECURITY] [DLA 1428-1] 389-ds-base security update
Package : 389-ds-base Version : 1.3.3.5-4+deb8u1 CVE ID : CVE-2015-1854 CVE-2017-15134 CVE-2018-1054 CVE-2018-1089 CVE-2018-10850 CVE-2015-1854 A flaw was found while doing authorization of modrdn operations. An unauthenticated attacker able to issue an ldapmodrdn call to the directory server cou...
389-ds-base security update
1.2.11.15-34 - Release 1.2.11.15-34 - Resolves: 1123861 EMBARGOED CVE-2014-3562 unauthenticated information disclosure rhel-6.5.z DS 616, BZ 1123477...
resteasy-base security update
2.3.5-3 - Resolves: rhbz1121917 - CVE-2014-3490: XXE via parameter entities...
Basic Analysis and Security Engine (BASE) 1.4.5 - includesbase_cache.inc.php?base_path Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includesbase_cache.inc.php?base_path Remote File Inclusion. source: https://www.securityfocus.com/bid/51979/info BASE is prone to a security-bypass vulnerability and multiple remote file-include vulnerabilities. An attacker can exploit these issues to...
CVE-2009-4591
SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...