RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, and SSL-J contain a fix to address Lenstra's attack. RSA BSAFE Micro Edition Suite (MES) 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.1.3, RSA BSAFE Crypto-J 6.2.1, and RSA BSAFE SSL-J 6.2.1 are affected.
c3b17fc3ee05ab56bbef557f3dbd0a4892dd5ce2a6e58fcae51101192165854fUbuntu Security Notice 2948-2 - USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This update fixes the problem. Various other issues were also addressed.
275b81339417c812197f69eec7beeedc365d877e550b1d20ee2bd408be49fb77Debian Linux Security Advisory 3547-1 - Several vulnerabilities were discovered in Imagemagick, a program suite for image manipulation. This update fixes a large number of potential security problems such as null-pointer access and buffer-overflows that might lead to memory leaks or denial of service. Any of these security problems have a CVE number assigned.
142f78f9ac4ff42db8341a6ae0cff0f6e4fc9280be69a24bff7a6f6e449fd9ddGnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the previous stable release.
70ef9c9f95822d363036c6e6b5479750e5b7fc34f50e750c3464a98ec65a9ab8tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
0b502699360f09ce2128a39cf02abca07bfc699fc02ce829b3a90cf5e1e8b344Perl version 5.22 suffers from two out-of-bounds reads and multiple small buffer over-read vulnerabilities in the VDir::MapPathA and VDir::MapPathW functions that could potentially be exploited to achieve arbitrary code execution.
cd84d70480486213183c751f06e787f023b2261ad301971f1c15757a078757f7Exploit web applications with SnappingTurtle, a cross-platform tool written in Aphid and compiled into Python. SnappingTurtle can exploit SQL injection, arbitrary upload, local file inclusion, and cross-site scripting.
a5b8094701db252077afcb55bbe7d22f2e1f457fb1b671ab24b4f46b2f5011ceNovell Service Desk versions 7.1.0 and below suffer from code execution, information disclosure, cross site scripting, remote file upload, HQL injection, and traversal vulnerabilities.
c58735b33740e5edd50a8cae45802afa2db11198bcbbc4f1e7779e1640bb8f1c81 bytes small Linux/x86_64 bindshell shellcode that binds to port 5600.
859e1a75311395afca3aca7390e65eccadd68ad886acb0c72d8106f5ec081eb5CAM UnZip version 5.1 suffers from a path traversal vulnerability that allows for code execution.
801d5878708fdba9cecf84f8db7cae0615b691a858521efc97847de2890f7721OpenCart version 2.2.0.0 suffers from a remote PHP code execution vulnerability.
1417eaf1f6b4295c475e0cc0fe94f8b4ddfb74538eee3554c3b8bb9362212ef5WPN-XM version 0.8.6 suffers from a cross site request forgery vulnerability.
ee094c05732b4c27eea8c21fd850ef9e38ee6b36fe9b509f2145d5431162b38cWPN-XM version 0.8.6 suffers from a cross site scripting vulnerability.
7a7c1e768bebb233949624598b2001150a93cbf0cb5ae10be6a52ab59e4d034bDirectAdmin Control Panel version 1.50.0 suffers from a cross site scripting vulnerability.
d936827aaafa73b7b8ec6b09f4046e372adf34843e950a51329f0ec0256f2db4Apache OFBiz versions 13.07.02 and 13.07.01 suffer from an information disclosure vulnerability.
419380278b70977a96c3bc0eef27a2f2209090aa141ae65089eb28df4f069f25DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
c6049c29760e3c6257198295b2fdd4c6a5000e1a5fc071f0a180bf1f99425985Mobilya Scripti 2 suffers from a remote shell upload vulnerability.
f0553b31a8ebb47291d787fabfc5388080415751f064cf2557a9a45ab3fa50caIDA SDK version 6.9 Demo and IDA 5.0 Freeware suffer from a DLL hijacking vulnerability.
48366b45036a800a749b85bca2248bdb06ecde55c5a24ec7a1a74aa165a54239
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed