8275 matches found

CVE
added 2017/07/13 8:0 p.m., 50 views

CVE-2017-1000024

CVE-2017-1000024 affects Shotwell up to 0.24.4 and 0.25.3 or earlier, with an information disclosure in the web publishing plugins that could leak passwords and OAuth tokens in plaintext. The issue is confirmed across multiple advisories (Mageia/SUSE/openSUSE/Ubuntu) and is addressed by applying ...

7.5 CVSS, 7.2 AI score, 0.01209 EPSS
Exploits 0, References 1, Affected Software 1

Tenable Nessus
added 2017/07/13 12:0 a.m., 31 views

Virtuozzo 7 : gstreamer1-plugins-good (VZLSA-2017-0020)

An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8 CVSS, 7.1 AI score, 0.09267 EPSS
Exploits 4, References 7

Tenable Nessus
added 2017/07/13 12:0 a.m., 8 views

Fedora 25 : libdb (2017-372bb1edb3)

Security fix for DB_CONFIG parsing when db_home is not set. This update also introduces modified fixes for rhbz1394862 once again and additionally fixes ppc specific hangs described in rhbz1460003. Please be aware that this update is expected to cause DB_VERSION_MISMATCH errors during installation if...

5.6 AI score
Exploits 0, References 1

Tenable Nessus
added 2017/07/13 12:0 a.m., 14 views

Fedora 24 : libdb (2017-014d67fa9d)

Security fix for DB_CONFIG parsing when db_home is not set. This update also introduces modified fixes for rhbz1394862 once again and additionally fixes ppc specific hangs described in rhbz1460003. Please be aware that this update is expected to cause DB_VERSION_MISMATCH errors during installation if...

5.6 AI score
Exploits 0, References 1

Tenable Nessus
added 2017/07/13 12:0 a.m., 28 views

Virtuozzo 7 : gstreamer-plugins-good / etc (VZLSA-2017-0019)

An update for gstreamer-plugins-good is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8 CVSS, 7.1 AI score, 0.09267 EPSS
Exploits 4, References 7

RedhatCVE
added 2017/07/12 11:50 a.m., 17 views

CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9 CVSS, 6.1 AI score, 0.0218 EPSS
Exploits 0, References 2

Kitploit
added 2017/07/12 12:12 a.m., 52 views

Lynis 2.5.2 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

7.1 AI score
Exploits 0

Securelist
added 2017/06/30 9:39 p.m., 111 views

From BlackEnergy to ExPetr

Much has been written about the recent ExPetr/NotPetya/Nyetya/Petya outbreak - you can read our findings here: Schroedinger's Petya and ExPetr is a wiper, not ransomware. As in the case of Wannacry, attribution is very difficult and finding links with previously known malware is challenging. In th...

6.6 AI score
Exploits 0

UbuntuCve
added 2017/06/30 8:29 p.m., 16 views

CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9 CVSS, 7.2 AI score, 0.0218 EPSS
Exploits 0, References 3

Prion
added 2017/06/30 8:29 p.m., 11 views

Code injection

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

7.5 CVSS, 9.2 AI score, 0.0218 EPSS
Exploits 0, References 2, Affected Software 1

NVD
added 2017/06/30 8:29 p.m., 14 views

CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9 CVSS, 9.3 AI score, 0.0218 EPSS
Exploits 0, References 2

OSV
added 2017/06/30 8:29 p.m., 1 views

DEBIAN-CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9 CVSS, 7.8 AI score, 0.0218 EPSS
Exploits 0, References 1

OSV
added 2017/06/30 8:29 p.m., 1 views

UBUNTU-CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9 CVSS, 7.8 AI score, 0.0218 EPSS
Exploits 0, References 4

OSV
added 2017/06/30 8:29 p.m., 8 views

CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9 CVSS, 7.4 AI score, 0.0218 EPSS
Exploits 0, References 2

OSV
added 2017/06/23 3:19 p.m., 2 views

OSEC-2017-01 Local privilege escalation issue with ocaml binaries

Description: Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAML_CPLUGINS, CAML_NATIVE_CPLUGINS, or CAML_BYTE_CPLUGINS environment variable...

9.8 CVSS, 5.6 AI score, 0.03496 EPSS
Exploits 0, References 1

Hacker One
added 2017/06/19 1:42 p.m., 45 views

Automattic: woocommerce - prevent_caching() bug / bypass

As guest visit the following links and look at the headers. Yup there are not caching headers in the response. https://woocommerce.com/.cart/ https://woocommerce.com/+cart/ https://woocommerce.com/-cart/...

Exploits 0

Veracode
added 2017/06/16 2:25 a.m., 15 views

Information Disclosure

ansible is vulnerable to information disclosure. It is possible because .result attribute of an ansible.executor.task_result.TaskResult is being sent to the callback plugins without obscuring stdout information when using a no_log directive...

6.2 AI score
Exploits 0, References 2, Affected Software 1

0day.today
added 2017/06/14 12:0 a.m., 98 views

WordPress WP Checkout Plugins - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugins WP Checkout - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/wp-checkout Date: 13 June 2017 Exploit Author: x0id Tested on: Windows 7 1 Search target with Google Dorking...

7.1 AI score
Exploits 0

Tenable Nessus
added 2017/06/14 12:0 a.m., 29 views

Serendipity < 2.1.1 Multiple Vulnerabilities

According to its banner, the version of Serendipity running on the remote host is prior to 2.1.1. It is, therefore, affected by multiple vulnerabilities : - A stored cross-site scripting XSS vulnerability exists in the templates/2k11/admin/category.inc.tpl script due to improper validation of the...

9.8 CVSS, 7.3 AI score, 0.02883 EPSS
Exploits 1, References 10

0day.today
added 2017/06/13 12:0 a.m., 60 views

GStreamer gst-plugins-bad Plugin - NULL Pointer Dereference Vulnerability

Exploit for linux platform in category dos / poc Source: https://bugzilla.gnome.org/show_bug.cgi?id=775120 The attached file will cause a null pointer access and segfault in the mpegts parser. Current git code, found with afl. ASAN stack trace:...

4.3 CVSS, 6.8 AI score, 0.07903 EPSS
Exploits 1