Debian DLA-2225-1 : gst-plugins-good0.10 security update

Two memory handling issues were found in gst-plugins-good0.10, a collection of GStreamer plugins from the 'good' set : CVE-2016-10198 An invalid read can be triggered in the aacparse element via a maliciously crafted file. CVE-2017-5840 An out of bounds heap read can be triggered in the qtdemux...

Debian: Security Advisory (DLA-2225-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2226-1] gst-plugins-ugly0.10 security update

Package : gst-plugins-ugly0.10 Version : 0.10.19-2.1+deb8u1 CVE ID : CVE-2017-5846 CVE-2017-5847 Two memory management issues were found in the asfdemux element of the GStreamer "ugly" plugin collection, which can be triggered via a maliciously crafted file. For Debian 8 "Jessie", these problems...

[SECURITY] [DLA 2225-1] gst-plugins-good0.10 security update

Package : gst-plugins-good0.10 Version : 0.10.31-3+nmu4+deb8u3 CVE ID : CVE-2016-10198 CVE-2017-5840 Two memory handling issues were found in gst-plugins-good0.10, a collection of GStreamer plugins from the "good" set: CVE-2016-10198 An invalid read can be triggered in the aacparse element via a...

DLA-2225-1 gst-plugins-good0.10 - security update

Bulletin has no description...

DLA-2226-1 gst-plugins-ugly0.10 - security update

Bulletin has no description...

[SECURITY] Fedora 31 Update: dovecot-2.3.10.1-1.fc31

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...

openSUSE Security Update : gstreamer-plugins-base (openSUSE-2020-678)

This update for gstreamer-plugins-base fixes the following issue : Security issue fixed : - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser bsc1133375. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive te...

Jaeles v0.9 - The Swiss Army Knife For Automated Web Application Testing

Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation Download precompiled version here. If you have a Go environment, make sure you have Go = 1.13 with Go Modules enable and run the following command. GO111MODULE=...

openSUSE: Security Advisory for gstreamer-plugins-base (openSUSE-SU-2020:0678-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:0678-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issue: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser bsc1133375. This update was imported from the SUSE:SLE-15:Update update project...

Security update for gstreamer-plugins-base (important)

openSUSE Security Update: Security update for gstreamer-plugins-base Announcement ID: openSUSE-SU-2020:0678-1 Rating: important References: 1133375 Cross-References: CVE-2019-9928 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This upda...

SUSE SLED15 / SLES15 Security Update : gstreamer-plugins-base (SUSE-SU-2020:1300-1)

This update for gstreamer-plugins-base fixes the following issue : Security issue fixed : CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser bsc1133375. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

SUSE-SU-2020:1300-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issue: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser bsc1133375...

GLSA-202005-06 : LIVE555 Media Server: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202005-06 LIVE555 Media Server: Multiple vulnerabilities Multiple vulnerabilities have been discovered in LIVE555 Media Server. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced...

metasploit-framework

This is an instance of the Metasploit Framework repository, a widely used penetration testing tool. The Metasploit Framework is a comprehensive platform for testing and exploiting vulnerabilities in computer systems and applications. It is a collection of tools and scripts that can be used to...

Easy Testimonials < 3.6 - Authenticated Stored Cross-Site Scripting (XSS)

Multiple cross-site scripting vulnerabilities in Easy Testimonials 3.5.2 and lower allow remote attackers to inject arbitrary web script or HTML via the Client Name, Position / Web Address / Other, Location Reviewed / Product Reviewed / Item Reviewed, Rating parameter. Successful exploitation of...

container-tools:ol8 security update

buildah 1.11.6-8.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1817742 1.11.6-7 - fix 'COPY command takes long time with buildah' - Resolves...

Unauthorized Access

Roundcube Webmail is vulnerable to unauthorized access. An attacker can access arbitrary files on the host's filesystem, including configuration files due to a flaw related to file-based attachment plugins and task=settings&action=upload-display&from=timezone requests...

Flaws in 2 famous WordPress plugins put millions of sites at risk

By Sudais Asif WordPress WP is one of the most popular content management systems CMS on the planet... This is a post from HackRead.com Read the original post: Flaws in 2 famous WordPress plugins put millions of sites at risk...