PlaySms 1.4 Remote Code Execution
PlaySms version 1.4 suffers from a remote code execution vulnerability.
View ArticleUbuntu Security Notice USN-3288-1
Ubuntu Security Notice 3288-1 - It was discovered that libytnef incorrectly handled malformed TNEF streams. If a user were tricked into opening a specially crafted TNEF attachment, an attacker could...
View ArticleApple Security Advisory 2017-05-15-6
Apple Security Advisory 2017-05-15-6 - iTunes 12.6.1 is now available and addresses memory corruption issues.
View ArticleApple Security Advisory 2017-05-15-7
Apple Security Advisory 2017-05-15-7 - Safari 10.1.1 is now available and addresses denial of service, spoofing, code execution, and various other vulnerabilities.
View ArticleTOR Virtual Network Tunneling Tool 0.3.0.7
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with...
View ArticleFalco 0.6.1
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving...
View ArticleMicrosoft Windows Kernel bind() Out-Of-Bounds Read
Two related bugs have been discovered in the Microsoft Windows kernel code responsible for implementing the bind() socket function, specifically in the afd!AfdBind and tcpip!TcpBindEndpoint routines....
View ArticleMicrosoft Windows Kernel DACL Descriptor Uninitialized Memory
Microsoft Windows kernel suffers from an uninitialized memory issue in the default DACL descriptor of system processes token.
View ArticleMicrosoft Windows Kernel nt!NtTraceControl Memory Disclosure
The handler of the nt!NtTraceControl system call (specifically the EtwpSetProviderTraitsUm functionality, opcode 0x1E) discloses portions of uninitialized pool memory to user-mode clients on Microsoft...
View ArticleMicrosoft Windows win32k!xxxClientLpkDrawTextEx Memory Disclosure
Microsoft Windows suffers from a stack memory disclosure vulnerability in win32k!xxxClientLpkDrawTextEx.
View ArticleHP Wireless Mouse Spoofing Issue
HP ERK-321A is a wireless desktop set consisting of a mouse and a keyboard.
View ArticleNextCloud / OwnCloud Cross Site Scripting
NextCloud and OwnCloud suffer from a cross site scripting vulnerability in their error pages. OwnCloud versions 9.1.5 and below are affected. NextCloud versions prior to 11.0.3, 10.0.5, and 9.0.58 are...
View ArticleUbuntu Security Notice USN-3289-1
Ubuntu Security Notice 3289-1 - Li Qiang discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting...
View ArticleUbuntu Security Notice USN-3272-2
Ubuntu Security Notice 3272-2 - USN-3272-1 fixed vulnerabilities in Ghostscript. This change introduced a regression when the DELAYBIND feature is used with the eqproc command. This update fixes the...
View ArticleRed Hat Security Advisory 2017-1233-01
Red Hat Security Advisory 2017-1233-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel...
View ArticleRed Hat Security Advisory 2017-1232-01
Red Hat Security Advisory 2017-1232-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel...
View ArticleUbuntu Security Notice USN-3275-2
Ubuntu Security Notice 3275-2 - USN-3275-1 fixed vulnerabilities in OpenJDK 8. This update provides the corresponding updates for OpenJDK 7. It was discovered that OpenJDK improperly re-used cached...
View Article