KWSPHP CMS v1.6.995 – Persistent Cross Site Scripting Web Vulnerability
Monthly Archives: July 2016
Bugtraq: OpenDocMan v1.3.5 – Full Path Disclosure Vulnerability
OpenDocMan v1.3.5 – Full Path Disclosure Vulnerability
Bugtraq: [CVE-2016-6136] Double-Fetch Vulnerability in Linux-4.6/kernel/auditsc.c
[CVE-2016-6136] Double-Fetch Vulnerability in Linux-4.6/kernel/auditsc.c
Bugtraq: Syslog Server "npriority" field remote Denial of Service vulnerability
Syslog Server “npriority” field remote Denial of Service vulnerability
RHBA-2016:1379-1: Red Hat Certification bug fix and enhancement update
Red Hat Enterprise Linux: An updated redhat-certification package that fixes several bugs and adds various
enhancements is now available for Red Hat Enterprise Linux 6 and Red Hat
Enterprise Linux 7.
RHSA-2016:1380-1: Moderate: nodejs010-node-gyp and nodejs010-nodejs-qs security and bug fix update
Red Hat Enterprise Linux: An update for nodejs010-node-gyp and nodejs010-nodejs-qs is now available for
Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2014-7191
Symantec Integer Overflow in TNEF decoder (CVE-2016-3645)
Multiple vulnerabilities exist in the Decomposer component of Symantec Antivirus Engine. These vulnerabilities are due to incorrect or missing bounds checks. A remote, unauthenticated attacker could exploit these vulnerabilities by sending a maliciously crafted file to a user running this engine.
Symantec Antivirus Engine ASPack Remote Memory Corruption (CVE-2016-2208)
A Memory Corruption vulnerability exist in the Symantec Antivirus Engine in ASPack early version. This vulnerability is due to incorrect parsing of executables packed by ASPack early version.
Symantec Antivirus multiple remote memory corruption unpacking MSPACK Archives (CVE-2016-2211)
Multiple vulnerabilities exist in the Decomposer component of Symantec Antivirus Engine. These vulnerabilities are due to incorrect or missing bounds checks. A remote, unauthenticated attacker could exploit these vulnerabilities by sending a maliciously crafted file to a user running this engine. Successful exploitation could result in arbitrary code execution in the context of SYSTEM.
Symantec PowerPoint Misaligned Stream Remote Stack Buffer Overflow (CVE-2016-2209)
Multiple vulnerabilities exist in the Decomposer component of Symantec Antivirus Engine. These vulnerabilities are due to incorrect and missing bounds checks. A remote, unauthenticated attacker could exploit these vulnerabilities by sending a maliciously crafted file to a user running this engine.