PeopleSoft ToolsRelease version 8.55.03, ToolsReleaseDB version 8.55, and HCM version 9.2 suffer from a TestServlet cross site scripting vulnerability.
6f27a9a828724a7736a1b7f2889f126f8efc3b2f3c3807b27c60ee7904f9b16eGentoo Linux Security Advisory 201707-15 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 26.0.0.137 are affected.
b54a48c947a7dfb938de79745dadfbe6833942362e61f88f02dd1ff53e7f1773Oracle Integration Gateway (PSIGW) suffers from a directory traversal vulnerability.
a928b26bb52db254d90152adf71ca5f1c3b5396816e4438de681c568e6c5aa90Oracle Integration Gateway (PSIGW) suffers from a file upload vulnerability.
d9ee0be871c0b0f0f069b8a93479455bdd763e04c083da6de4a89e7f280bc623Televes COAXDATA GATEWAY 1Gbps suffers from credential disclosure, arbitrary password change, unrestricted backup restore, and various other vulnerabilities. The vendor has notified Packet Storm that firmware version 1.03.0016 addresses these issues.
9baff8fd7ea7ecdd219dd2f97ec0f608150440181c7874a88448885e8ba30f70Ubuntu Security Notice 3361-1 - USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu 16.10. Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
a02dd5836ffae854b87f99a0c65d15d6c8e6dd7ae37fde2f48b13dc8494472d6Ubuntu Security Notice 3360-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. It was discovered that a use-after-free vulnerability existed in the performance events and counters subsystem of the Linux kernel for ARM64. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
b728a817657de92c7a8e7a3974a7db179927290da525b28390f7ffee93bfc9c8NEC Universe UM4730 versions prior to 11.8 suffers from a remote SQL injection vulnerability.
9bc22dbc596c325410c6890c434f2f7104984b425924ee7352b1260be9487f23Trustonic's Trusted Execution Environment (TEE) OS fails to perform revocation of trustlets.
5292643705b2a592ce4d79010191e3052ef98b5f67f2a9fe9356b30677b6295eApple Security Advisory 2017-07-19-7 - iCloud for Windows 6.2.2 is now available and addresses information disclosure, code execution, and various other vulnerabilities.
f6c72c4517098c3e7034d35d6ba98acffde8bf0131ee5bb5000e212e653c3fccApple Security Advisory 2017-07-19-6 - iTunes 12.6.2 is now available and addresses code execution, information disclosure, and various other vulnerabilities.
c13a5cb60055a2f9fb0fc52c32c0f5cfdd41d6b2a43d5d86a0dac83a01cd277aUbuntu Security Notice 3360-2 - USN-3360-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
dd0fe2c526143d34a107f7f383bf5197ebc0f403d7b65cfed4142a62d732f7a3Apple Security Advisory 2017-07-19-5 - Safari 10.1.2 is now available and addresses spoofing, cross origin, and various other vulnerabilities.
45581232806476f5919c8e4e4c4fdf08c450b51103777da433824e0c8b3de277Virtual Postage (VPA) version 1.0 suffers from a remote code execution vulnerability via man-in-the-middle attacks.
816fa95055239cb95ffb77c4c4aac690fbdb7a852cd92f2696db296e8f9c9146SKILLS.com.au Industry App version 1.0 suffers from a remote code execution vulnerability via man-in-the-middle attacks.
29ee0636ad9ced1631d22d05accf2192ac275e9c7db76dfbc702f6ec0720de02
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed