Ubuntu Security Notice USN-3532-2
Ubuntu Security Notice 3532-2 - USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from...
View ArticleUbuntu Security Notice USN-3523-3
Ubuntu Security Notice 3523-3 - Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack....
View ArticleUbuntu Security Notice USN-3527-1
Ubuntu Security Notice 3527-1 - Joseph Bisch discovered that Irssi incorrectly handled incomplete escape codes. If a user were tricked into using malformed commands or opening malformed files, an...
View ArticleUbuntu Security Notice USN-3528-1
Ubuntu Security Notice 3528-1 - It was discovered that Ruby incorrectly handled certain terminal emulator escape sequences. An attacker could use this to execute arbitrary code via a crafted user name....
View ArticleTP-Link Remote Command Injection
Many TP-Link products suffer from multiple authenticated remote command injection vulnerabilities.
View ArticleUbuntu Security Notice USN-3522-3
Ubuntu Security Notice 3522-3 - USN-3522-1 fixed a vulnerability in the Linux kernel to address Meltdown. Unfortunately, that update introduced a regression where a few systems failed to boot...
View ArticleJungo Windriver 12.5.1 Privilege Escalation
Jungo Windriver version 12.5.1 suffers from a privilege escalation vulnerability.
View ArticleJoomla! Easydiscuss Cross Site Scripting
Joomla! Easydiscuss component versions prior to 4.0.21 suffer from a cross site scripting vulnerability.
View ArticleWordPress MQ ReLinks 1.8 XSS / Open Redirection
WordPress MQ ReLinks plugin version 1.8 suffers from cross site scripting and open redirection vulnerabilities.
View ArticleWordPress Dbox 3D Slider Lite 1.2.2 SQL Injection
WordPress Dbox 3D Slide Lite plugin versions 1.2.2 and below suffer from multiple remote SQL injection vulnerabilities.
View ArticleWordPress Smooth Slider 2.8.6 SQL Injection
WordPress Smooth Slider plugin versions 2.8.6 and below suffer from a remote SQL injection vulnerability.
View ArticleWordPress Testimonial Slider 1.2.4 SQL Injection
WordPress Testimonial Slider plugin versions 1.2.4 and below suffer from a remote SQL injection vulnerability.
View ArticleUbuntu Security Notice USN-3522-4
Ubuntu Security Notice 3522-4 - USN-3522-2 fixed a vulnerability in the Linux Hardware Enablement kernel for Ubuntu 14.04 LTS to address Meltdown. Unfortunately, that update introduced a regression...
View ArticleRed Hat Security Advisory 2018-0081-01
Red Hat Security Advisory 2018-0081-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 28.0.0.137....
View ArticlephpCollab 2.5.1 Unauthenticated File Upload
This Metasploit module exploits a file upload vulnerability in phpCollab version 2.5.1 which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server...
View ArticleSamsung SRN-1670D Web Viewer 1.0.0.193 Arbitrary File Read / Upload
This Metasploit module exploits an unrestricted file upload vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D devices. The network_ssl_upload.php file allows remote authenticated attackers to...
View ArticleLabF nfsAxe 3.7 FTP Client Stack Buffer Overflow
This Metasploit module exploits a buffer overflow in the LabF nfsAxe 3.7 FTP Client allowing remote code execution.
View ArticleLinux/ARM (Raspberry Pi) Bind Shell Shellcode
112 bytes small Linux/ARM (Raspberry Pi) null-free shellcode that binds a shell to 0.0.0.0:4444/TCP.
View ArticleVMware Security Advisory 2018-0004.1
VMware Security Advisory 2018-0004.1 - VMware vSphere, Workstation and Fusion updates add Hypervisor- Assisted Guest remediation for speculative execution issue.
View ArticleVMware Security Advisory 2018-0005
VMware Security Advisory 2018-0005 - VMware Workstation, and Fusion updates resolve use-after-free and integer-overflow vulnerabilities.
View Article
