Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
Monthly Archives: March 2017
DSA-3820 gst-plugins-good1.0 – security update
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
DSA-3822 gstreamer1.0 – security update
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
DSA-3819 gst-plugins-base1.0 – security update
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
Vuln: Mozilla Firefox and Thunderbird CVE-2017-5400 Multiple Memory-Corruption Vulnerabilities
Mozilla Firefox and Thunderbird CVE-2017-5400 Multiple Memory-Corruption Vulnerabilities
Vuln: Mozilla Firefox and Thunderbird Multiple Use After Free Denial of Service Vulnerabilities
Mozilla Firefox and Thunderbird Multiple Use After Free Denial of Service Vulnerabilities
Vuln: Mozilla Firefox and Thunderbird CVE-2017-5401 Memory Corruption Vulnerability
Mozilla Firefox and Thunderbird CVE-2017-5401 Memory Corruption Vulnerability
Vuln: Mozilla Firefox and Thunderbird Multiple Security Vulnerabilities
Mozilla Firefox and Thunderbird Multiple Security Vulnerabilities
CVE-2017-5622
With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further exploit other vulnerabilities and/or exfiltrate sensitive information.
Farmer's Fridge Kiosk 2.0.0 Information Disclosure
Farmer’s Fridge Kiosk version 2.0.0 suffers from an unprotected event log information disclosure vulnerability as well as unauthenticated request issues.