Untrusted search path vulnerability in Atom Electron before 0.33.5 allows local users to gain privileges via a Trojan horse Node.js module in a parent directory of a directory named on a require line.
Monthly Archives: April 2016
CVE-2016-2331
The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVE-2016-2332
flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 (aka dnsmasq) parameter.
CVE-2016-2333
SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 use the same hardcoded encryption key across different customers’ installations, which allows attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
CVE-2016-2346
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream.
IrIran Shopping Script 4.1 Cross Site Scripting
IrIran Shopping Script version 4.1 suffers from a cross site scripting vulnerability.
How Did Hackers Who Stole $81 Million from Bangladesh Bank Go Undetected?
In Brief
Investigators from British defense contractor BAE Systems discovered that hackers who stole $81 million from the Bangladesh Central Bank actually hacked into software from SWIFT financial platform, a key part of the global financial system.
The hackers used a custom-made malware to hide evidence and go undetected by erasing records of illicit transfers with the help of compromised
CESA-2016:0685 Moderate CentOS 7 nspr SecurityUpdate
CentOS Errata and Security Advisory 2016:0685 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0685.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: daf7526f2f1ccc56ec97e57940cde39049a4a111951b01197b2c18b4bc7ec1cb nspr-4.11.0-1.el7_2.i686.rpm d784f223e384f756a5c594925512c5fd6d46aaad66f85936b51453a0dc2dbd8a nspr-4.11.0-1.el7_2.x86_64.rpm 56037499e8d01dd812e5ff3a2752c9aa108dd45fd816269abae28fd6eaa751b1 nspr-devel-4.11.0-1.el7_2.i686.rpm 5b3fbd8326f1249e287423a753d2b249e4d7281c669943c367a62d6f839dfde5 nspr-devel-4.11.0-1.el7_2.x86_64.rpm Source: 6520f99cd5afa95d605bcc653f47c828e2fb491a548e057d0c99e91a57a1dac3 nspr-4.11.0-1.el7_2.src.rpm
CESA-2016:0685 Moderate CentOS 7 nss-utilSecurity Update
CentOS Errata and Security Advisory 2016:0685 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0685.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 73472239f7a39dfce534c7a7d354a0c47c56d4164bd751e9709285dc52526a52 nss-util-3.21.0-2.2.el7_2.i686.rpm ebe0bba24d7b4477830fe4dbb025e91ca30a619e5806241a84c7e4c420bab53c nss-util-3.21.0-2.2.el7_2.x86_64.rpm e512d5a51c14dca89b2207be8a6aa792cf3e5e549f4f525f5d26800b705b8a72 nss-util-devel-3.21.0-2.2.el7_2.i686.rpm 2013f4efb5ccdee9431259c717c2f473dff61f0b26f39a2e46012764f7a127c5 nss-util-devel-3.21.0-2.2.el7_2.x86_64.rpm Source: e90e5e5834289fae968dd2d04f9d563d7a67e3c733ebc2291b7ab131f93c5e14 nss-util-3.21.0-2.2.el7_2.src.rpm
CESA-2016:0685 Moderate CentOS 7 nss-softoknSecurity Update
CentOS Errata and Security Advisory 2016:0685 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0685.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 3119ce33b30bd2aee2e386f0a3f2f01c90c9869ae2cb39a685f913e7a4d0e14a nss-softokn-3.16.2.3-14.2.el7_2.i686.rpm d207816db9a598d15c0856a925b28221f4166968fba76d09aa01aa9ea6c44170 nss-softokn-3.16.2.3-14.2.el7_2.x86_64.rpm e544515243939f744d849b645cfb308bf0d4f73e57c29d52d4023fb264b61298 nss-softokn-devel-3.16.2.3-14.2.el7_2.i686.rpm 5e8c6639e808aaa869b50e9c1c5b827ab6960c5dcc371c1ba42b4dddbae6888e nss-softokn-devel-3.16.2.3-14.2.el7_2.x86_64.rpm c579edfa53c72797701474fbbbc1c19d90ed7c407046d7718e25234b0887acb7 nss-softokn-freebl-3.16.2.3-14.2.el7_2.i686.rpm 9253b359efea3686548eeb043ed0e0bf5e859a677c98452e1bec39d500756e94 nss-softokn-freebl-3.16.2.3-14.2.el7_2.x86_64.rpm 871ddd52d4894f9a515683607b009e206dd7c181158f5a7bb1f88349236fbbc8 nss-softokn-freebl-devel-3.16.2.3-14.2.el7_2.i686.rpm bccc6cb31656273c92f1288717bcc7f8578b3c42670433812f68e9164dd326f2 nss-softokn-freebl-devel-3.16.2.3-14.2.el7_2.x86_64.rpm Source: 698e112d5ce13a9e9703bac655fe9d2a75fa85bc828af64a965bbc0e880c62d2 nss-softokn-3.16.2.3-14.2.el7_2.src.rpm