Vulnerability Updates

strongSwan VPN's charon server prior to version 5.6.3 does not check packet length and may allow buffer underflow,resulting in denial of service.

CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified,known as"Variant 3a"and"Variant 4".

Mail clients may leak plaintext messages while decrypting OpenPGP and S/MIME messages.

In some circumstances,some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception. The error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt/exception instructions,namely MOV SS and POP SS.

Some platforms with integrated GPUs,such as smartphones,may allow both side-channel and rowhammer attacks via WebGL,which may allow a remote attacker to compromise the browser on an affected platform. An attack technique that leverages these vulnerabilities is called"GLitch."

libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.

libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.

An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add.

An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add.

The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affects Infinix X571 phones, as well as various Lenovo phones (such as the A7020) that have since been fixed by Lenovo.

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability

VMware Tools HGFS CVE-2018-6969 Local Information Disclosure Vulnerability

Eaton 9000X Drive CVE-2018-8847 Stack Based Buffer Overflow Vulnerability

Oracle July 2018 Critical Patch Update Multiple Vulnerabilities

Secunia Research: Clam AntiVirus "parsehwp3_paragraph()" Denial of Service Vulnerability

Type: Vulnerability. Microsoft Internet Explorer and Edge are prone to an remote memory-corruption vulnerability; fixes are available.

Type: Vulnerability. Microsoft Edge is prone to a remote memory-corruption vulnerability; fixes are available.

Type: Vulnerability. Microsoft Edge is prone to a remote memory-corruption vulnerability; fixes are available.

Type: Vulnerability. Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks; fixes are available.

Type: Vulnerability. Microsoft Edge is prone to a remote memory-corruption vulnerability; fixes are available.

Apple Security Advisory 2018-7-9-7 - iTunes 12.8 for Windows is now available and addresses code execution and denial of service vulnerabilities.

Apple Security Advisory 2018-7-9-6 - iCloud for Windows 7.6 is now available and addresses code execution and denial of service vulnerabilities.

Apple Security Advisory 2018-7-9-5 - Safari 11.1.2 is now available and addresses code execution and denial of service vulnerabilities.

Apple Security Advisory 2018-7-9-4 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan are now available and address information leakage vulnerabilities.

Apple Security Advisory 2018-7-9-3 - tvOS 11.4.1 is now available and addresses code execution and denial of service vulnerabilities.

Apple Security Advisory 2018-7-9-7 - iTunes 12.8 for Windows is now available and addresses code execution and denial of service vulnerabilities.

Apple Security Advisory 2018-7-9-6 - iCloud for Windows 7.6 is now available and addresses code execution and denial of service vulnerabilities.

Microsoft Windows Kernel (win32k.sys) suffers from a local denial of service null pointer vulnerability in NtUserConsoleControl.

Microsoft Windows suffers from an ADODB.Record object file overwrite vulnerability. The password for the proof of concept zip is adorecord.

This Metasploit module exploits a command injection vulnerability in Quest KACE Systems Management Appliance version 8.0.318 (and possibly prior). The download_agent_installer.php file allows unauthenticated users to execute arbitrary commands as the web server user www. A valid Organization ID is required. The default value is 1. A valid Windows agent version number must also be […]