django -- multiple vulnerabilities
Django team reports: This release addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible. Open redirect and possible XSS attack via user-supplied numeric redirect URLs. Open redirect vulnerability in django.views.static.serve...
DEBIAN-CVE-2017-1001000
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a request for wp-json/wp/v2/posts followed by a...
The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure
The vulnerability of the emulated_apdu_from_guest function in the usb/dev-smartcard-reader.c file of the QEMU hardware emulation software, which supports emulation of CCID Card devices, is caused by a numerical overflow. Exploiting this vulnerability could allow an attacker, operating locally, to...
The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure
The vulnerability of the console-based graphic editor ImageMagick is caused by a numerical overflow. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure (termination of the application) by sending large input data...
Fedora 25 : python-peewee (2017-b3b65a20c4)
Backport upstream fix to force limit and offset to be numeric. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
GLSA-201612-28 : Docker: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201612-28 (Docker: Privilege escalation). Docker does not properly distinguish between numeric UIDs and string usernames. Impact: Local attackers could possibly escalate their privileges. Workaround: There is no known workaround at...
tso-brute NSE Script
TSO account brute forcer. This script relies on the NSE TN3270 library which emulates a TN3270 screen for NMAP. TSO user IDs have the following rules: - it cannot begin with a number - only contains alpha-numeric characters and @, #, $. - it cannot be longer than 7 chars Script Arguments...
UBUNTU-CVE-2016-9375
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful...
SQL Injection Vulnerability in Nine to Five Network Website Building System
Ninety-five Network Building System is a general-purpose CMS system. The product has a SQL injection vulnerability; vulnerability URL: http://target/News.asp?newskind= The vulnerable parameter is newskind, the type is GET injection, numeric injection, the attacker can use the vulnerability to obtai...
SecNews: Querying private posts and changing post meta
Summary --- Unauthenticated user can run arbitrary post queries and insert arbitrary numeric post meta via vulnerable /wp-content/themes/SecNews-NewCustom/functions/ajax.php file. I'm including two exploits in one report because the fix for both is the same, i.e. delete ajax.php. Run arbitrary po...
Knight CMS Talent System v3.7 has SQL Injection Vulnerabilities
Knight CMS Talent System is a professional talent system based on PHP+MYSQL. Knight CMS Talent System v3.7 suffers from a SQL injection vulnerability due to numeric variable filtering being missed resulting in injection, allowing remote attackers to exploit the vulnerability by submitting special...
The vulnerability of the Android operating system, which allows a hacker to circumvent existing access restrictions
The vulnerability of the function in app/aboot/aboot.c of the Qualcomm Android operating system is caused by a numerical overflow. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions using specially crafted values...
The vulnerability of Symantec’s antivirus protection tools allows a hacker to execute arbitrary code.
The vulnerability of the Dec2LHA.dll file in Symantec’s anti-virus protection software is caused by a numerical overflow or buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...
Vulnerability of Apache Tomcat software, allowing a remote attacker to compromise protected information
A numerical overflow in the java/org/apache/tomcat/util/buf/Ascii.java file in Apache Tomcat when working with a reverse proxy server allows malicious actors operating remotely to carry out an attack with a hidden HTTP request, using a specially crafted Content-Length HTTP header...
Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information
A numerical overflow in the cdf_read_property_info function in the cdf.c file of the Fileinfo component in PHP allows malicious actors operating remotely to cause a service failure (abrupt termination of the application) by using a specially crafted CDF file...
The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.
The Google Chrome browser contains a vulnerability related to incorrect numerical transformations when processing typed arrays. Exploiting this vulnerability allows malicious actors to cause service interruptions (access to the array beyond its boundaries) or otherwise affect the system by using...
Vulnerabilities in the PHP interpreter and the Mac OS X operating system, which allow attackers to trigger service failures or execute arbitrary code.
The multiple vulnerabilities of the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in the PHP interpreter and the Mac OS X operating system are caused by a numerical overflow. Exploitation of these vulnerabilities could allow an attacker to cause a service failure application terminatio...
CVE-2016-3697
libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container...
DEBIAN-CVE-2016-3697
libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container...