Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-doc-2.4.16 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the proftpd-doc package of the Debian GNU/Linux operating system can be exploited, which may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the kernel-doc-2.6.8 package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

Multiple vulnerabilities exist in the linux-doc-2.6.18 package of the Debian GNU/Linux operating system. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-doc-2.6.24 package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the glibc-doc package of the Debian GNU/Linux operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

[SECURITY] Fedora 23 Update: ntp-4.2.6p5-41.fc23

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

[SECURITY] Fedora 22 Update: ntp-4.2.6p5-41.fc22

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

CVE-2016-3644

creationtimestamp| type| source ---|---|--- 2016-06-29 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40034...

CVE-2016-3652

creationtimestamp| type| source ---|---|--- 2016-06-29 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40041...

[SECURITY] Fedora 24 Update: ntp-4.2.6p5-41.fc24

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

FreeBSD : botan -- cryptographic vulnerability (f771880c-31cf-11e6-8e82-002590263bf5)

MITRE reports : The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

SUSE-SU-2016:1528-1 Security update for openssh

openssh was updated to fix three security issues. These security issues were fixed: - CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to...

Urban Dictionary: Infinite Upvoting/Downvoting: Lockout Bypass, Plus: Exposed API Documentation

By sending an extra parameter kind=1 in the upvote/downvote API request, a user can vote as many times as he wants without any IP address restriction: http://api.urbandictionary.com/v0/vote?kind=1&direction=up&defid=94413 Seems harmless enough, but your site does depend on the accuracy of the...

SUSE-SU-2016:1386-1 Security update for openssh

This update for OpenSSH fixes three security issues. These security issues were fixed: - CVE-2016-3115: Sanitise input for xauth1 bsc970632 - CVE-2016-1908: Prevent X11 SECURITY circumvention when forwarding X11 connections bsc962313 - CVE-2015-8325: Ignore PAM environment when using login...

[SECURITY] Fedora 23 Update: ocaml-4.02.2-5.fc23

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package comprises two batch compilers a fast bytecode compiler and an optimizing native-code compiler, an interactive toplevel system, parsing tools Lex,Yacc, a replay...

Modular File Scanning Analysis Framework: MultiScanner

MultiScanner is a file analysis framework that allows the user to evaluate a set of files with a set of tools. Tools can be custom built python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework. Modules a...

[SECURITY] Fedora 23 Update: ntp-4.2.6p5-40.fc23

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

CVE-2016-2107

creationtimestamp| type| source ---|---|--- 2016-05-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39768...

Uber: Stored XSS in developer.uber.com

An attacker can make a series of requests to https://uber.readme.io/ that will result in permanent defacement/stored XSS of all the documentation pages on https://developer.uber.com/ I'm not entirely sure if this is in scope, but it could definitely have a major impact on developer.uber.com so I...