Debian: Security Advisory (DSA-3821-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-3819-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DSA-3818-1)
The remote host is missing an update for the Debian...
Information disclosure
GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) plugins/anonymousdata.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message...
DEBIAN-CVE-2017-6816
In WordPress before 4.7.3 wp-admin/plugins.php, unintended files can be deleted by administrators using the plugin deletion functionality...
CVE-2017-6816
In WordPress before 4.7.3 wp-admin/plugins.php, unintended files can be deleted by administrators using the plugin deletion functionality...
Lynis 2.4.4 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...
WordPress Multiple Plugins - Arbitrary File Upload
WordPress Multiple Plugins - Arbitrary File Upload import requests import random import string print "---------------------------------------------------------------------" print "Multiple Wordpress Plugin - Remote File Upload Exploit\nDiscovery: Larry W. Cashdollar\nExploit Author: Munir...
Stealth Post Exploitation Framework: PhpSploit
PhpSploit is a remote control framework that aims to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable of maintaining access to a compromised web server for privilege escalation...
Cisco ASA Remote Code Execution (CVE-2016-1287)
Remote Code Execution on Cisco ASA A year ago ExodusIntel disclosed a vulnerability affecting the IKE implementation in Cisco’s ASA products. The error is due to an overflow in the checking of reassembled IKE fragments, and allows remote code execution from an unauthenticated attacker. More...
openSUSE Security Update : gstreamer-plugins-base (openSUSE-2017-301)
This update for gstreamer-plugins-base fixes the following security issues: - A crafted AVI file could have caused a floating point exception leading to DoS (bsc#1024076, CVE-2017-5837, bsc#1024079, CVE-2017-5844) - A crafted AVI file could have caused a stack overflow leading to DoS (bsc#1024047,...
HotelCMS with Booking Engine - SQL injection vulnerability
http://localhost/PATH/locale? locale=SQL the locale parameter there is sql injection Wherein the error injection as follows: payload: http://localhost/PATH/locale? locale=1' AND SELECT 3507 FROMSELECT COUNT,CONCATFLOORRAND02,md5233x FROM INFORMATIONSCHEMA. The PLUGINS GROUP BY xa-- Lilt Test...
openSUSE: Security Advisory for gstreamer-plugins-good (openSUSE-SU-2017:0071-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for rabbitmq-server (openSUSE-SU-2017:0306-1)
The remote host is missing an update for the...
Fedora 25 : mingw-gstreamer1-plugins-base (2017-a56d78acb8)
Security fix for CVE-2017-5837, CVE-2017-5839, CVE-2017-5842, CVE-2017-5844 - Downgrade to 1.10.3 as it is the latest stable release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...
Debian DLA-830-1 : gst-plugins-bad0.10 security update
Some memory management issues were found in the GStreamer 'bad' plugins: CVE-2017-5843 A use after free issue was found in the mxfdemux element, which can be triggered via a maliciously crafted file. CVE-2017-5848 The psdemux was vulnerable to several invalid reads, which could be triggered...
Debian DLA-827-1 : gst-plugins-base0.10 security update
It was discovered that it is possible to trigger a floating point exception in GStreamer via specially crafted files, causing a denial of service. For Debian 7 'Wheezy', these problems have been fixed in version 0.10.36-1.1+deb7u2. We recommend that you upgrade your gst-plugins-base0.10 packages...
Debian DLA-829-1 : gst-plugins-ugly0.10 security update
Two memory management issues were found in the asfdemux element of the GStreamer 'ugly' plugin collection, which can be triggered via a maliciously crafted file. For Debian 7 'Wheezy', these problems have been fixed in version 0.10.19-2+deb7u1. We recommend that you upgrade your...
Fedora 25 : mingw-gstreamer1-plugins-bad-free (2017-216f4b9f9d)
Security fix for CVE-2017-5848, CVE-2017-5843 - Downgrade to 1.10.3 as it is the latest stable release...
Fedora 25 : mingw-gstreamer1-plugins-good (2017-1fc4026d15)
Security fix for CVE-2016-10199, CVE-2017-5845, CVE-2017-5840, CVE-2017-5841 - Downgrade to 1.10.3 as it is the latest stable release...