The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
Monthly Archives: March 2017
qemu-2.6.2-7.fc24
* CVE-2017-5525: audio: memory leakage in ac97 (bz #1414110)
* CVE-2017-5526: audio: memory leakage in es1370 (bz #1414210)
* CVE-2016-10155: watchdog: memory leakage in i6300esb (bz #1415200)
* CVE-2017-5552: virtio-gpu-3d: memory leakage (bz #1415283)
* CVE-2017-5667: sd: sdhci OOB access during multi block transfer (bz #1417560)
* CVE-2017-5857: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref (bz #1418383)
* CVE-2017-5856: scsi: megasas: memory leakage (bz #1418344)
* CVE-2017-5898: usb: integer overflow in emulated_apdu_from_guest (bz #1419700)
* CVE-2017-5987: sd: infinite loop issue in multi block transfers (bz #1422001)
* CVE-2017-6505: usb: an infinite loop issue in ohci_service_ed_list (bz #1429434)
* CVE-2017-2615: cirrus: oob access while doing bitblt copy backward (bz #1418206)
* CVE-2017-2620: cirrus: potential arbitrary code execution (bz #1425419)
Lynis Auditing Tool 2.4.6
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages and configuration mistakes. This software aims to assist automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
php-onelogin-php-saml-2.10.5-1.fc26
Update to 2.10.5
----
Update to 2.10.4
php-onelogin-php-saml-2.10.5-1.fc24
Update to 2.10.5
----
Update to 2.10.4
php-onelogin-php-saml-2.10.5-1.el7
Update to 2.10.5
----
Update to 2.10.4
php-onelogin-php-saml-2.10.5-1.fc25
Update to 2.10.5
----
Update to 2.10.4
FTPShell Client 6.53 Buffer Overflow
FTPShell Client version 6.53 buffer overflow exploit written in Python.
Where Have All The Exploit Kits Gone?
For a long time, exploit kits were the most prolific malware distribution vehicle available to attackers. Where did they go and what’s replaced them?
Hundreds of High-Profile Twitter Accounts Hacked through 3rd-Party App
In a large-scale Twitter hack, thousands of Twitter accounts from media outlets to celebrities, including the European Parliament, Forbes, BlockChain, Amnesty International, UNICEF, Nike Spain and numerous other individuals and organizations, were compromised early Wednesday.
The compromised Twitter accounts are pushing a disturbing spam message written in Turkish comparing the Dutch to the Nazis