Cryptsetup 2:1.7.3-2 Root Initramfs Shell
A vulnerability in Cryptsetup, concretely in the scripts that unlock the system partition when the partition is ciphered using LUKS (Linux Unified Key Setup). This vulnerability allows to obtain a root...
HP Security Bulletin HPSBST03671 1
HP Security Bulletin HPSBST03671 1 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to...
Red Hat Security Advisory 2016-2696-01
Red Hat Security Advisory 2016-2696-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. This...
Red Hat Security Advisory 2016-2778-01
Red Hat Security Advisory 2016-2778-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments....
Red Hat Security Advisory 2016-2765-01
Red Hat Security Advisory 2016-2765-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line...
Red Hat Security Advisory 2016-2766-01
Red Hat Security Advisory 2016-2766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that stacking a file system over procfs in the...
Windows x86 EXE Removal Shellcode
This is a standard meterpreter/windows/reverse_tcp_dns with a little bonus - it will remove the exe that it gets injected/compiled into. Warning: Do not run this from powershell.exe or any other system...
CS-Cart 4.3.10 Unauthenticated XXE Injection
CS-Cart versions 4.3.10 and below suffer from an unauthenticated XML external entity (XXE) injection vulnerability.
Microsoft Internet Explorer 8 Javascript RegExpBase::FBadHeader Use-After-Free
A specially crafted web-page can cause the Javascript engine of Microsoft Internet Explorer 8 to free memory used for a string. The code will keep a reference to the string and can be forced to reuse...
Red Hat Security Advisory 2016-2780-01
Red Hat Security Advisory 2016-2780-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.0 ESR. Security Fix: Multiple flaws were found in the processing of...
WordPress All In One WP Security And Firewall 4.1.9 Cross Site Scripting
WordPress All In One WP Security and Firewall plugin versions 4.1.4 through 4.1.9 suffer from a cross site scripting vulnerability.
VMware Security Advisory 2016-0020
VMware Security Advisory 2016-0020 - vRealize Operations REST API deserialization vulnerability. vRealize Operations contains a deserialization vulnerability in its REST API implementation. This issue...
Red Hat Security Advisory 2016-2779-01
Red Hat Security Advisory 2016-2779-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The...
HP Security Bulletin HPSBGN03676 1
HP Security Bulletin HPSBGN03676 1 - A potential security vulnerability has been identified with HPE Helion OpenStack Glance image service. This vulnerability could be exploited remotely to allow a...
Nginx Root Privilege Escalation
Nginx web server packaging on Debian-based distributions such as Debian or Ubuntu was found to create log directories with insecure permissions which can be exploited by malicious local attackers to...