3665 matches found

Talos Blog
added 2019/01/30 8:23 a.m., 47 views

Vulnerability Spotlight: Multiple vulnerabilities in ACD Systems Canvas Draw 5

Tyler Bohan of Cisco Talos discovered these vulnerabilities. Vanja Svajcer authored this blog post. Cisco Talos is disclosing several vulnerabilities in ACD Systems' Canvas Draw 5, a graphics-editing tool for Mac. The vulnerable component of Canvas Draw 5 lies in the handling of TIFF and PCX...

CVSS 6.8, AI score 0.3, EPSS 0.02253
Exploits: 4
Packet Storm
added 2019/01/28 12:00 a.m., 51 views

WordPress WP-Smushit 3.0.2 SQL Injection

Exploit Title : WordPress WP-Smushit Plugins 3.0.2 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/01/2019 Vendor Homepage : premium.wpmudev.org Software Download Link : downloads.wordpress.org/plugin/wp-smushit.3.0.2.zip Software Information Li...

AI score 7.4
Exploits: 0
0day.today
added 2019/01/20 12:00 a.m., 33812 views

OpenSSH 7.6p1 SCP Client - Multiple Vulnerabilities (SSHtranger Things) Exploit

Exploit Title: SSHtranger Things Exploit Author: Mark E. Haase Vendor Homepage: https://www.openssh.com/ Software Link: download link if available Version: OpenSSH 7.6p1 Tested on: Ubuntu 18.04.1 LTS CVE : CVE-2019-6111, CVE-2019-6110 ''' Title: SSHtranger Things Author: Mark E. Haase Homepage:...

CVSS 6.8, EPSS 0.58204
Exploits: 10
Veracode
added 2019/01/15 8:58 a.m., 28 views

Information Leakage

OpenSSL is vulnerable to information leakage. When optional compression is used, the TLS/SSL protocol does not obscure the length of the unencrypted data. Using this flaw, an attacker can perform a brute-force attack to guess encrypted TLS/SSL connection...

CVSS 2.6, AI score 4.9, EPSS 0.04266
Exploits: 2, References: 37, Affected Software: 1
Patchstack
added 2018/12/10 12:00 a.m., 11 views

WordPress Smush Image Compression and Optimization plugin <= 2.9.1 - Authenticated XSS & Phar Deserialization vulnerabilities

Authenticated XSS & Phar Deserialization vulnerabilities found by RIPS Technologies in WordPress Smush Image Compression and Optimization plugin versions <= 2.9.1. Solution: Update the WordPress Smush Image Compression and Optimization plugin to the latest available version at least 3.0.0...

AI score 3.4
Exploits: 0, References: 1, Affected Software: 1
Check Point Advisories
added 2018/12/06 12:00 a.m., 3 views

7-Zip RAR Solid Compression Remote Code Execution (CVE-2018-10115)

A remote code execution vulnerability exists in the RAR component of 7-Zip. This vulnerability is due to improper handling of solid compression...

CVSS 6.8, AI score 2.7, EPSS 0.04982
Exploits: 1
OpenVAS
added 2018/11/29 12:00 a.m., 53 views

Debian: Security Advisory (DLA-1600-1)

The remote host is missing an update for the Debian...

CVSS 7.5, AI score 7.2, EPSS 0.05258
Exploits: 2, References: 3
Fedora
added 2018/11/17 2:08 a.m., 28 views

[SECURITY] Fedora 27 Update: libmspack-0.9.1-0.1.alpha.fc27

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

CVSS 8.8, AI score 2, EPSS 0.03806
Exploits: 1
Tenable Nessus
added 2018/11/16 12:00 a.m., 63 views

CentOS 7 : libmspack (CESA-2018:3327)

An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 8.8, AI score 6.7, EPSS 0.03806
Exploits: 0, References: 5
Fedora
added 2018/11/13 2:28 a.m., 30 views

[SECURITY] Fedora 28 Update: libmspack-0.9.1-0.1.alpha.fc28

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

CVSS 8.8, AI score 2, EPSS 0.03806
Exploits: 1
Fedora
added 2018/11/13 2:25 a.m., 35 views

[SECURITY] Fedora 29 Update: libmspack-0.9.1-0.1.alpha.fc29

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

CVSS 8.8, AI score 2, EPSS 0.03806
Exploits: 1
Ubuntu
added 2018/11/12 10:44 a.m., 380 views

USN-3814-1: libmspack vulnerabilities

It was discovered libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. CVE-2018-18584, CVE-2018-18585...

CVSS 6.5, AI score 6.7, EPSS 0.03086
Exploits: 1
Tenable Nessus
added 2018/10/31 12:00 a.m., 30 views

RHEL 7 : libmspack (RHSA-2018:3327)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3327 advisory. The libmspack packages contain a library providing compression and extraction of the Cabinet (CAB) file format used by Microsoft. Security...

CVSS 8.8, AI score 6.8, EPSS 0.03806
Exploits: 0, References: 12
RedHat Linux
added 2018/10/30 2:43 p.m., 138 views

Low: Red Hat Security Advisory: libmspack security update

An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 8.8, AI score 6.7, EPSS 0.03806
Exploits: 0, References: 6
OSV
added 2018/10/29 5:47 a.m., 8 views

SUSE-SU-2018:3540-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such ...

CVSS 7.8, AI score 5.7, EPSS 0.98631
Exploits: 25, References: 12
RedHat Linux
added 2018/10/08 10:05 a.m., 4 views

haproxy: Out-of-bounds read in HPACK decoder

A flaw was discovered in the HPACK decoder of haproxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service...

CVSS 7.5, AI score 7.2, EPSS 0.02984
Exploits: 0, References: 5
Fedora
added 2018/10/04 8:33 p.m., 10 views

[SECURITY] Fedora 28 Update: php-tcpdf-6.2.25-1.fc28

PHP class for generating PDF documents. no external libraries are required for the basic functions; all standard page formats, custom page formats, custom margins and units of measure; UTF-8 Unicode and Right-To-Left languages; TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0...

AI score 7.4
Exploits: 0
Fedora
added 2018/10/04 2:10 p.m., 19 views

[SECURITY] Fedora 29 Update: php-tcpdf-6.2.25-1.fc29

PHP class for generating PDF documents. no external libraries are required for the basic functions; all standard page formats, custom page formats, custom margins and units of measure; UTF-8 Unicode and Right-To-Left languages; TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0...

AI score 7.4
Exploits: 0
Kitploit
added 2018/09/17 9:07 p.m., 81 views

CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]

The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...

AI score 6.7
Exploits: 0, References: 9
OSV
added 2018/09/17 8:46 p.m., 24 views

GHSA-6G87-FF9Q-V847 websockets is vulnerable to denial of service by memory exhaustion

The Python websockets library version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured with compression=None, that can result in Denial of Service by memory exhaustion. This attack appears to be exploitable...

CVSS 8.7, AI score 7.5, EPSS 0.01818
Exploits: 1, References: 4