UBUNTU-CVE-2017-3224

Open Shortest Path First OSPF protocol implementations may improperly determine Link State Advertisement LSA recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, a...

Moderate: Red Hat Security Advisory: fluentd security update

An update for fluentd is now available for Red Hat OpenStack Platform 13.0 Operational Tools for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

fluentd: Escape sequence injection in filter_parser.rb:filter_stream can lead to arbitrary command execution when processing logs

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors...

hw: cpu: speculative store bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

hw: cpu: speculative store bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

BST (Binary String Toolkit) - Quickly And Easily Convert Binary Strings For All Your Exploit Development Needs

The Binary String Toolkit or BST for short is a rather simple utility to convert binary strings to various formats suitable for later inclusions in source codes, such as those used to develop exploits in the security field. Features Dump files content to standard output in a binary string format...

Serverhuwenhui Directory Traversal Vulnerability

serverhuwenhui is an http server. A directory traversal vulnerability exists in serverhuwenhui. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

cyberjs directory traversal vulnerability

cyberjs is a JavaScript library for cyber. A directory traversal vulnerability exists in cyberjs. An attacker can gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

tiny-http directory traversal vulnerability

tiny-http is an http server. A directory traversal vulnerability exists in tiny-http. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

Sencisho Directory Traversal Vulnerability

Sencisho is an http server for local development. A directory traversal vulnerability exists in Sencisho. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

Serveryaozeyan Directory Traversal Vulnerability

serveryaozeyan is an http server. A directory traversal vulnerability exists in serveryaozeyan. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in the URL to gain access to the file system. The file system...

iter-http directory traversal vulnerability

iter-http is a Node.js based http server. A directory traversal vulnerability exists in iter-http. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence into the URL to gain access to the file system...

Tinyserver2 Directory Traversal Vulnerability

tinyserver2 is a static content server. A directory traversal vulnerability exists in tinyserver2. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

node-simple-router directory traversal vulnerability

node-simple-router is a simple router for Node. A directory traversal vulnerability exists in node-simple-router. An attacker can exploit this vulnerability by placing a '... /' sequence in a URL to gain access to the file system...

Serverwg Directory Traversal Vulnerability

serverwg is an http server. A directory traversal vulnerability exists in serverwg. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

tmock Directory Traversal Vulnerability

tmock is a static file server. A directory traversal vulnerability exists in tmock. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

Serverwzl Directory Traversal Vulnerability

serverwzl is an http server. A directory traversal vulnerability exists in serverwzl. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

nodeaaaaa Directory Traversal Vulnerability

nodeaaaaa is a static file server. A directory traversal vulnerability exists in nodeaaaaa. An attacker can gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

utahcityfinder Path Traversal Vulnerability

utahcityfinder is a package for building a list of Utah cities. A directory traversal vulnerability exists in utahcityfinder. An attacker could gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

Welcomyzt Path Traversal Vulnerability

welcomyzt is a file server. A path traversal vulnerability exists in welcomyzt. An attacker could gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...