The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.
Monthly Archives: March 2017
CVE-2017-7363
Pixie 1.0.4 allows an admin/index.php s=publish&m=module&x= XSS attack.
How Russia Hacks You
Former National Security Adviser Seeks Immunity
CVE-2016-9319
There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398.
CVE-2008-7313
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796. (CVSS:7.5) (Last Update:2017-04-04)
CVE-2014-5009
Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008. (CVSS:7.5) (Last Update:2017-04-04)
CVE-2016-6209
Cross-site scripting (XSS) vulnerability in Nagios. (CVSS:4.3) (Last Update:2017-04-04)
DSA-3825 jhead – security update
It was discovered that jhead, a tool to manipulate the non-image part of
EXIF compliant JPEG files, is prone to an out-of-bounds access
vulnerability, which may result in denial of service or, potentially,
the execution of arbitrary code if an image with specially crafted EXIF
data is processed.
Vuln: WebKit Memory Corruption and Information Disclosure Vulnerabilities
WebKit Memory Corruption and Information Disclosure Vulnerabilities