Broadcom suffers from denial of service and out-of-bounds read vulnerabilities in TCP KeepAlive Offloading.
0fd01faa7f991415a9981c3f63751b39f36aaeb1dec6b946eaed0cb7adfa715fBitdefender Total Security 2017 suffers from an unquoted service path vulnerability.
2826282b80d6d3b6a1814dd14a44b77fa18de68ea4d071a11564a8c58e249c79WordPress Church extension suffers from a remote SQL injection vulnerability.
36bf734ab48c6942174029b95d47c1a17ece6c239dfe6d152f7609acbd263081OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from XML external entity injection vulnerabilities.
9447f70c1cfba534cf62cd68923f8cb3c42fb6f8ccf56f0f659927fcf0c4317eOpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from an open redirection vulnerability.
0398ff275466563cb7b556e656861a4cce90efc78f0844fe8ed3b226382eab70Red Hat Security Advisory 2017-2795-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
934a940dab30a592a02e07455e3094183299356243b334ef95ac79e84914895aRed Hat Security Advisory 2017-2802-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
bfd0689a6c80bfdd023af7ba1544e909bd3742cffc39037e70d4907f9e378ac9Red Hat Security Advisory 2017-2809-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
2cd12b03d2f33b5eca8602b894a216c2a22849b1ada1361fa1119aa29110e876Red Hat Security Advisory 2017-2811-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.8.
4625335874434e605c89b642c9228227df29e49da115ed2ae5344ae66dd9f48cRed Hat Security Advisory 2017-2808-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
f6590a11f2604542166e3cc7b6db6117e23303732c6aef136befc45deb5384ebRed Hat Security Advisory 2017-2801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
ba1c030ec21e814f6a1cd612c57efcdf9cf2e048e865ea5156413a3da7884c5fRed Hat Security Advisory 2017-2796-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
866324fca23747f69de4e8ef9551dad894b102df8aa49be3b5d059c922eb20ddRed Hat Security Advisory 2017-2793-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
c9fff4891a8921a1d680380df8587c02a6e20f76f5ee7eea18c9a1ddbd6e67beRed Hat Security Advisory 2017-2794-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
68ea50ab00f02a7b3ff4323f4ecd7472a907b5657bfbe53369a53538c4b95c33Red Hat Security Advisory 2017-2797-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
f02373e421ca9abcaa1761c1507fde90dcd1950ddf0498eae02ed610189b206fRed Hat Security Advisory 2017-2798-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
40f9f08efc1c1976c5e55dfb0092643a2f5f1f194edeff4cc6addf135da1cbddGentoo Linux Security Advisory 201709-27 - Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in the execution of arbitrary code. Versions less than 4.0.8 are affected.
063099c971a240f228a2cccdc7a688d44d95300bcfd47b1fddd1ac9b8d180bddSitefinity CMS version 9.2 suffers from a cross site scripting vulnerability.
5a521e2a5d7b62d6d670eb99caa0f8e02a086662a27527256e6eae4a7fcc822b30 bytes small Linux/x86_64 mkdir() shellcode.
3154b02a88675f37e8780c81b32546679ba6686baf27481ec41777b0a348c642
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed