Gentoo Linux Security Advisory 201709-18 - Multiple vulnerabilities have been found in Mercurial, the worst of which could lead to the remote execution of arbitrary code. Versions less than 4.3 are affected.
89aefc9a366cff54114ccf79e3fe3ca7be36701152914d2c0e752658790e251b
Gentoo Linux Security Advisory 201709-17 - A command injection vulnerability in CVS may allow remote attackers to execute arbitrary code. Versions less than 1.12.12-r12 are affected.
78f216f749a83a59358d93b2407ec3478ef2da3649ff8b7511fbd25def623d28
Gentoo Linux Security Advisory 201709-16 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 27.0.0.130-r1 are affected.
1f1f846175f0899cf7579a530d3a0f6ba45337a805744b1f2ee7bd01546c7dbc
Gentoo Linux Security Advisory 201709-15 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code. Versions less than 61.0.3163.79 are affected.
131fec0e0b3d7226331ef6385d05b2dfcd5b79bfa21635682acea468e5e5bed2
Slackware Security Advisory - New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
4d6b678c3314fa71af254ef3e0b8d2513919f18fac4a8a69d0e2e408d3d10701
Debian Linux Security Advisory 3983-1 - Multiple security issues have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
d20e3978bfa76603621405671436ff72e2de88512d266516e792372b832b4216
Apple products suffer from an information leak when handling WLC_E_COUNTRY_CODE_CHANGED event packets.
d9fd260e76fa5bb413e17f4cda2ada7d5e896a778a13ebaf5b7d8bf3679a09e6
The Apple PCIe Message Ring protocol suffers from multiple race conditions that can lead to out-of-bounds reads and writes.
9d829639573f82bd62beacc1312bfa32eb067d298b7f05c51fa7d65065d918c1
Heap overflow and information disclosure vulnerabilities exist in Apple's setVendorIE when handling ioctl results.
c549b5fce03407f8bce467f2a8413f2729a2df5e52d5696e76a216319fcaedd3
Apple products suffer from an issue where an out-of-band NUL byte write occurs when handling WLC_E_TRACE event packets.
47ee5c128bfcfb4a1dc15e92a364f7ed639bb5fa9a32e0849814541a789a8c46
A heap overflow vulnerability exists in Apple's updateRateSetAsyncCallback when handling ioctl results.
5baf4461e02f823d473ce5e80cdf29107fb3e4d0bc77201b0a37d01d752ae1ba
There is a heap overflow vulnerability in Apple's assembleBGScanResults when handling ioctl results.
e497d754530da645d0dfa81b8d9378547e7195bb0e4f5b900f516e4799502c81
There is a heap overflow in Apple's AppleBCMWLANCore driver when handling Completed Firmware Timestamp messages (0x27).
859f5e2dd3a8465d5b3ba18254bb4a28a1247d2b72149d337adb0d58d1245663
Red Hat Security Advisory 2017-2787-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Security Fix: An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.
c2fbd0ec54d0bfa9ad2a7c6d11b3885aed12d2e86bc392ddc02f7778c1606199
Red Hat Security Advisory 2017-2778-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions.
90e4d59d523bfd0324aa344e6329f791d3e861d3915594325338f11b5393a026
Red Hat Security Advisory 2017-2788-01 - Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. Security Fix: A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
1f462b1f7c629927ce4d52271c2e05e7f8c0b9018b4e5e8bfccbf1cd04e731b8
Red Hat Security Advisory 2017-2791-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
4d4892162624cc5f56a309259e711433107bdaff738b0902cd06a0920c2357d1
Red Hat Security Advisory 2017-2790-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
6fdc918f44a544b6b95ca2d43f660a74ab6f5bafc9df5d9b96e58d4d2091ea74
Ubuntu Security Notice 3428-1 - Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
6562f178517cc3601b9d7f603897baabf458f7268887dc51206c086abd540529
Ubuntu Security Notice 3427-1 - Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
bd9cfadaec51d38cdd314bcf510fa56941a2f71fc610aea2f87e7e878381665b
Ubuntu Security Notice 3426-1 - Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote attacker could use this issue to perform a man in the middle attack. Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote attacker could possibly use this issue to obtain server memory contents. Various other issues were also addressed.
fa491e751279b5ea9e1da0bb1115ba5f62388c95fddad08cf232e729f712f242
Red Hat Security Advisory 2017-2789-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions.
a8cc2c9ae85665ac880ca785b563e8c299483d8d2baeccb37150982ed7663e29
Apple Security Advisory 2017-09-20-3 - tvOS 11 addresses code execution vulnerabilities.
15a3c1f5437e40580d8e005ab73b5fa1f21710b492e652da0283bb117e57a3dc
Apple Security Advisory 2017-09-20-2 - watchOS 4 addresses code execution vulnerabilities.
f9cdedf252be3c12ad1d0907e2e8a94476a0fcf654d70bf2648b39d50c47b8a3
EMC ViPR SRM, EMC Storage M and R, EMC VNX M and R, EMC M and R (Watch4Net) for SAS Solution Packs contain directory traversal and denial of service vulnerabilities.
d8fd541238a290126b690b97c35135c5a00a337a9f9c9294e18f218ff29f8426