HPE System Management versions 7.6.0.11 and below suffer from a cross site scripting vulnerability.
87495628235f3192e04b3e3a5d54be712260de144c8450df133b3e88c3d85d71Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
d72ac3273bde8d2e5e28ec9978373ee3ab4529fd868bc3fc4d2d2671228f2461Slackware Security Advisory - New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
b9a66f00cb4f7f2a7bf96288fbec7cd2617bd1b5cb1219ca1456cb9b61cb915cSlackware Security Advisory - New dhcp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
0405a3963ef4abb21a8b8c64337f3b6e10e2675de810eef9e4f102260a746a47Micro Focus Security Bulletin MFSBGN03801 1 - A potential security vulnerability has been identified in Micro Focus Operations Orchestration. The vulnerability could be remotely exploited to allow Denial of Service (DoS). Revision 1 of this advisory.
fb6b033ee898192da1122ba37bb5cd00db7adc4ce6670d543ab4a4661bf6fd4dUbuntu Security Notice 3586-1 - Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that the DHCP server incorrectly handled socket descriptors. A remote attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
dedc59b7599b4b9b715d94bc53abc59c0eb765ff7b858e2fedaea16f08651d22Red Hat Security Advisory 2018-0380-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: A flaw was found in CloudForms in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. Please note that CSP prevents exploitation of this XSS however not all browsers support CSP.
8263e2b98dc7fbe588dd7a8bf6b2896046bc6f7af767bfddf08f4c424ddcf92eRed Hat Security Advisory 2018-0379-01 - .NET Core is a managed software framework. It implements a subset of the .NET framework APIs and includes a CLR implementation. New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.0.9, 1.1.6, and 2.0.5. Security Fix: .NET Core: Improper processing of XML documents can cause a denial of service
f2ee7bd67b8280c391a55397a3ef4ea1f9fbb90600e6ed9bf6b2dd3edb4fb10cMicro Focus Security Bulletin MFSBGN03794 2 - A potential security vulnerabilities has been identified in Micro Focus Operations Agent. The vulnerabilities could be remotely exploited to Remote Disclosure of Information. At this time Micro Focus Alarm Manager uses a vulnerable encryption infrastructure. Revision 2 of this advisory.
97e8d9f5f2ab72647084ac9e92c3f9f2e26eeedfc9d6745de732bfe8e29337e9Segger embOS/IP FTP Server version 3.22 suffers from a denial of service vulnerability.
b027785b60fbd97516e739077063042e3b4f213e867aa0406a078da7f3c49ca0Secunia Research has discovered a vulnerability in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). An error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. The vulnerability is confirmed in versions 4.15.0-r7 and 4.15.0. Other versions may also be affected.
f0fc9c0b15f4d208f5ddbd8f5c527f7918efef3e0855ee3238bb91aeec7edb50This archive contains all of the 235 exploits added to Packet Storm in February, 2018.
8c2ea1ab1921c414e501a26f12905bc1e8f5166b0b4d784b400a19d2516d0806Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
e9ae59b1a22de85f577cc66618a9eafafc8015c7efc066adee16879b22f064fdUbuntu Security Notice 3579-2 - USN-3579-1 fixed a vulnerability in LibreOffice. After upgrading, it was no longer possible for LibreOffice to open documents from certain locations outside of the user's home directory. This update fixes the problem. Various other issues were also addressed.
1ee6157f7172c9b6f4d676c2b41c6b22d80238b9e48f24c511be577d9f93fe8e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed