Ubuntu Security Notice 5043-2 - USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service.
5915ae6df07f3e5e81674a692c53a165f6feb58c6d1ab304bf3991e356fc42eeUbuntu Security Notice 5219-1 - It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
a7e38a5c770aa6dfa8b743e2b7675254db89dcb3c77592070d5c7db12d6a9887Ubuntu Security Notice 5218-1 - Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
f90f83bbcd246c8d673aa082579a0c09cd5de90a6bc0cee2d59e2eed594b9e9aUbuntu Security Notice 5217-1 - It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
33416da69c07925753e4dd155ea2d3da8c14e95aa648b39481c4bc7f778617d3Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
a47f3a35df0552c6bd911d289832cfc037127bbe7f6acdd796dcb4c6d8cde2cfBackdoor.Win32.Controlit.10 malware suffers from a code execution vulnerability.
07b9871a0695ac9e42db05fcbe7fd8354a48ddedd7ca4f6d6bf2baa67c698bbcMicrosoft Windows Defender suffers from a detection bypass vulnerability due to a sub-par mitigation priorly adopted.
b5337b4ff0ded5ddda0becffc0c9002fdf3288c10396de61b829b2dacbf22ab9Microsoft Windows suffers from a registration file dialog spoofing vulnerability and their last fix to this issue can be bypassed.
3d0c712557e8ea256ea96f38c4729251ae893ca640831654a5a638e72b4d841e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed