Afian AB FileRun version 2017.03.18 suffers from cross site request forgery, cross site scripting, open redirection, remote shell upload, and various other vulnerabilities.
2826127ad7fe9509d7f398e13bb1fdb75d324125493456d998e4d7e25c350413
Linksys E series devices suffer from cross site request forgery, cross site scripting, header injection, denial of service, and various other vulnerabilities.
e66d718a08baa524af05c5de1f9b57d9611d9454de19eb2da59eee56654ed6a8
Gentoo Linux Security Advisory 201710-20 - Multiple vulnerabilities have been found in Nagios, the worst of which could lead to the remote execution of arbitrary code. Versions prior to 4.3.3 are affected.
71bbb60aa3362e4c8f4445ea29cd272ea687230997e48f4eb582bacc56ad6176
Red Hat Security Advisory 2017-2908-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs. Security Fix: It was found that Node.js was using a non-randomized seed when populating hash tables. An attacker, able to supply a large number of inputs, could send specially crafted entries to the Node.js application, maximizing hash collisions to trigger an excessive amount of CPU usage, resulting in a denial of service.
7969868d6d3e4cc32a9f6308dce75909322aa2c3b6f3723586b11a881f1a97e3
Gentoo Linux Security Advisory 201710-19 - Multiple vulnerabilities have been found in libarchive, the worst of which could lead to a Denial of Service condition. Versions less than 3.3.0 are affected.
86fc0bec8e78681d6cf24948e8a4e2bb9e6f7b75e57aa12b7a41791b482d4e27
Red Hat Security Advisory 2017-2905-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.
d7e1b54ddf358b368323a0d855bf2e5186841d7534eca072f35a8d897659fdfd
Gentoo Linux Security Advisory 201710-18 - Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.2.8 are affected.
74182e2fa1de3051fe5a5e387c1c4a43e8c3561f268eef142677191cc11c3c11
Red Hat Security Advisory 2017-2907-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and control the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix: A new exploitation technique called key reinstallation attacks affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol.
c467a1c4f7cb51ed5062bdc517c2295e285cd5c495e37d543ae688167c35f501
Gentoo Linux Security Advisory 201710-17 - Multiple vulnerabilities have been found in Xen, the worst of which may allow local attackers to escalate privileges. Versions less than 4.7.3 are affected.
9484e589a56881408d4c0766dd0c78bd8f82e19aea09b18a0919672dda99ea6b
HPE Security Bulletin HPESBHF03789 2 - A potential security vulnerability has been identified in the "HP Trusted Platform Module 2.0 Option" kit. This optional kit is available for HPE Gen9 systems with firmware version 5.51. The vulnerability in TPM firmware 5.51 is that new mathematical methods exist such that RSA keys generated by the TPM 2.0 with firmware 5.51 are cryptographically weakened. This vulnerability could lead to local and remote unauthorized access to data. Revision 2 of this advisory.
acdb5759c51be71c692f1131460bb7021ed481bbd9c21ac6af091921bdd24b5e
Ubuntu Security Notice 3456-1 - It was discovered that the X.Org X server incorrectly handled certain lengths. An attacker able to connect to an X server, either locally or remotely, could use these issues to crash the server, or possibly execute arbitrary code.
ae7f1eae80900b7f7dfcf04b648d771c3b13b3d6314ba66e63f1427820c9d84b
Webtrekk Pixel Track versions 3.24 to 3.40, 4.00 to 4.40, and 5.00 to 5.04 suffer from a cross site scripting vulnerability.
0715456c005dbb913030d97db91cff6ea75e827161f4bb4cf639636aab940a0d
Red Hat Security Advisory 2017-2899-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 27.0.0.170. Security Fix: This update fixes one vulnerability in Adobe Flash Player. This vulnerability, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
42c4b20574fd46cdec6e1151b9759e96c775095c6bb41183c21e4438ac3e1e90
Red Hat Security Advisory 2017-2904-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.
5b20d3c47a867b021f89c414e2e15806585f337275ea0f6a5bd1d6adc8c38d66
Interspire Email Marketer versions prior to 6.1.6 suffered from an administrative authentication bypass vulnerability.
63b12c183eef7d18a993e7da3f6e94fb295c8da79b37ec97a2295783aff97b9b
Red Hat Security Advisory 2017-2906-01 - Red Hat Single Sign-On 7.1 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. The Node.js adapter provides a simple module for authentication and authorization in Node.js applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.
d729e98f328dac94dc12ca2849872675e6350f226f0e2ac94427213f552718b6