Microsoft Windows suffers from a uniscribe font processing out-of-bounds read in usp10!otlChainRuleSetTable::rule.

The Microsoft Windows kernel suffers from hive loading crashes in nt!nt!HvpGetBinMemAlloc and nt!ExpFindAndRemoveTagBigPages.

Google Nest Cam version 5.2.1 suffers from buffer overflow conditions over bluetooth LE.

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

This is a Linux/portable port of OpenBSD’s excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen’s SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

This Metasploit module utilizes an administrative module which allows for command execution. This page is completely unprotected from any authentication when given a POST request.

Debian Linux Security Advisory 3796-2 – CVE-2016-8743 meant being more stringent when dealing with whitespace patterns in HTTP requests, and that change broke the upload tool of sitesummary-client.

Ubuntu Security Notice 3238-1 – An integer overflow was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service via application crash or execute arbitrary code.

EMC RecoverPoint update contains a fix for an SSL stripping vulnerability that may potentially be exploited by malicious users to compromise the affected system. Versions prior to 5.0 are affected.