Moderate: Red Hat Security Advisory: ntp security update
An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
RHEL 6 : ntp (RHSA-2017:3071)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3071 advisory. The Network Time Protocol (NTP) is used to synchronize a computer's time with another referenced time source. These packages include the ntpd...
Debian DLA-1125-1 : botan1.10 security update
CVE-2017-14737 Fix of cache-based side channel attack, which could recover information about RSA secret keys. For Debian 7 'Wheezy', these problems have been fixed in version 1.10.5-1+deb7u4. We recommend that you upgrade your botan1.10 packages. NOTE: Tenable Network Security has extracted the...
DEBIAN-CVE-2017-14991
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0...
CVE-2017-14991
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0...
(0Day) Eaton ELCSoft DEV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eaton ELCSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of a D...
CVE-2017-14483
CVE-2017-14483 affects the Gentoo dev-python/flower package prior to 0.9.1-r1. The issue arises in flower.initd where the PID file is created with ownership by a non-root account. This can allow local users to terminate arbitrary processes by exploiting access to that non-root account to modify t...
Linux PDF rendering engine poppler: SplashOutputDev::type3D0() in SplashOutputDev.cc is vulnerable to a null pointer dereference.
Poppler is a C++ class library for rendering PDF, derived from xpdf. A null pointer dereference vulnerability exists in SplashOutputDev::type3D0 in SplashOutputDev.cc of the Linux PDF rendering engine poppler. An attacker could cause a denial of service when processing a malicious PDF fi...
anchor-cms cross-site scripting vulnerability
anchor-cms is an open source lightweight blogging system. The system supports a Markdown editor, custom fields, multiple languages and so on. A cross-site scripting vulnerability exists in versions prior to anchor-cms 0.9-dev. A remote attacker can exploit this vulnerability to inject arbitrary web...
CVE-2015-5060
Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev...
OpenSSL 'OOB read' Security Bypass Vulnerability - Windows
OpenSSL is prone to an SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; if(description)...
Debian DSA-3955-1 : mariadb-10.1 - security update
Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.26. Please see the MariaDB 10.1 Release Notes for further details: - https://mariadb.com/kb/en/mariadb/mariadb-10124-release-notes/ -...
See how I fuzzed Apache and dug up a vulnerability worth 1500 dollars - vulnerability warning - Black Bar Safety Net
Target: While viewing the Apache httpd server's crash logs in AFL, I found a lot of problems. For example, some crashing test cases crash inside the fuzz testing tool itself and also affect the stability of the test program. In this article, I will explain the test case to crash...
Failed integer overflow check leads to heap overflow in driver /dev/qce (CVE-2016-3935)
No description provided by source. https://github.com/jiayy/android_vuln_poc-exp/tree/master/EXP-CVE-2016-3935...
Code injection
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows remote attackers to write arbitrary data to a known /var/tmp/sess pathname by leveraging the device's operation in UI dev mode...
CVE-2017-9485
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows remote attackers to write arbitrary data to a known /var/tmp/sess pathname by leveraging the device's operation in UI dev mode...
HP PageWide / OfficeJet Pro Printers Arbitrary Code Execution
Create a bind shell on an unpatched OfficeJet 8210 Write a script to profile.d and reboot the device. When it comes back online then nc to port 1270. easysnmp instructions: sudo apt-get install libsnmp-dev pip install easysnmp import socket import sys from easysnmp import snmpset profiledscript =...
GLSA-201705-15 : sudo: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201705-15 (sudo: Privilege escalation). Qualys discovered a vulnerability in sudo's get_process_ttyname() for Linux, that via sudo_ttyname_scan() can be directed to use a user-controlled, arbitrary tty device during its traversal of /dev by...