Red Hat Security Advisory 2018-1812-01
Red Hat Security Advisory 2018-1812-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to...
ESPN Cross Site Scripting
ESPN's CDN suffers from a cross site scripting vulnerability.
ClassLink OneClick Browser Extension / Agent Universal XSS / Remote Code...
The ClassLink OneClick browser extension and the ClassLink Agent are vulnerable to universal cross site scripting and remote code execution.
Joomla 2.4.0 Gridbox Cross Site Scripting
Joomla versions 2.4.0 and below suffer from a cross site scripting vulnerability in the Gridbox extension.
Gnome Web (Epiphany) Denial Of Service
Gnome Web (Epiphany) versions prior to 3.28.2.1 suffer from a denial of service vulnerability.
OfficeScan XG 11.0 Unauthorized Change Prevention Bypass
OfficeScan XG version 11.0 suffers from an unauthorized change prevention bypass vulnerability.
STMicroelectronics DVB Chipset Reverse Engineering
This archive holds a 70+ page technical paper accompanied by two reverse engineering tools for analyzing STMicroelectronics DVB chipsets.
Debian Security Advisory 4219-1
Debian Linux Security Advisory 4219-1 - Several vulnerabilities were discovered in jruby, a Java implementation of the Ruby programming language. They would allow an attacker to use specially crafted...
GNU Privacy Guard 2.2.8
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management...
libpff 2018-04-28 Information Disclosure
The libpff_name_to_id_map_entry_read function in libpff_name_to_id_map.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via...
libmobi 0.3 Information Disclosure
The mobi_parse_index_entry function in index.c in Libmobi 0.3 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted mobi file. The mobi_pk1_decrypt...
libfsntfs 20180420 Information Disclosure
The libfsntfs_attribute_read_from_mft function in libfsntfs_attribute.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a...
OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal
OX App Suite versions 7.8.4 and below suffer from cross site scripting, improper privilege management, content spoofing, server-side request forgery, and path traversal vulnerabilities.
XiongMai uc-httpd 1.0.0 Buffer Overflow
XiongMai uc-httpd version 1.0.0 suffers from a buffer overflow vulnerability.
Debian Security Advisory 4221-1
Debian Linux Security Advisory 4221-1 - Alexander Peslyak discovered that insufficient input sanitising of RFB packets in LibVNCServer could result in the disclosure of memory contents.
Debian Security Advisory 4220-1
Debian Linux Security Advisory 4220-1 - Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code.
Debian Security Advisory 4224-1
Debian Linux Security Advisory 4224-1 - Marcus Brinkmann discovered that GnuPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the...
Slackware Security Advisory - gnupg2 Updates
Slackware Security Advisory - New gnupg2 packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.