• Close
  • Displaying entries 1 - 10 of 80020 in total

    Metasploit Web UI Static secret_key_base Value Exploit

    Disclosed: September 15, 2016

    This module exploits the Web UI for Metasploit Community, Express and Pro where one of a certain set of Weekly Releases have been applied. These Weekly Releases introduced a static secret_key_base value. Knowledge of the static secret_key_base value allows for deserialization of a crafted Ruby Object, achieving co...

    Debian: DSA-3667 (CVE-2016-5171): chromium-browser -- security update Vulnerability

    • Severity: 4
    • Published: September 14, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3667:

    Several vulnerabilities have been discovered in the chromium web browser.

    From SUSE_CVE-2016-5171:

    This CVE is ad...

    Debian: DSA-3667 (CVE-2016-5170): chromium-browser -- security update Vulnerability

    • Severity: 4
    • Published: September 14, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3667:

    Several vulnerabilities have been discovered in the chromium web browser.

    From SUSE_CVE-2016-5170:

    This CVE is ad...

    Debian: DSA-3667 (CVE-2016-5175): chromium-browser -- security update Vulnerability

    • Severity: 4
    • Published: September 14, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3667:

    Several vulnerabilities have been discovered in the chromium web browser.

    From SUSE_CVE-2016-5175:

    This CVE is ad...

    Debian: DSA-3667 (CVE-2016-5173): chromium-browser -- security update Vulnerability

    • Severity: 4
    • Published: September 14, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3667:

    Several vulnerabilities have been discovered in the chromium web browser.

    From SUSE_CVE-2016-5173:

    This CVE is ad...

    Debian: DSA-3670 (Multiple Advisories) (CVE-2016-1240): tomcat8 -- security update Vulnerability

    • Severity: 4
    • Published: September 14, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3670:

    Dawid Golunski of LegalHackers discovered that the Tomcat init script

    performed unsafe file handling, which could result in local pri...

    Debian: DSA-3667 (CVE-2016-5174): chromium-browser -- security update Vulnerability

    • Severity: 4
    • Published: September 14, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3667:

    Several vulnerabilities have been discovered in the chromium web browser.

    From SUSE_CVE-2016-5174:

    This CVE is ad...

    Debian: DSA-3667 (CVE-2016-5172): chromium-browser -- security update Vulnerability

    • Severity: 4
    • Published: September 14, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3667:

    Several vulnerabilities have been discovered in the chromium web browser.

    From SUSE_CVE-2016-5172:

    This CVE is ad...

    Adobe Flash Player: APSB16-29 (CVE-2016-4284): Security updates available for Adobe Flash Player Vulnerability

    • Severity: 4
    • Published: September 13, 2016

    Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, C...

    Adobe Flash Player: APSB16-29 (CVE-2016-4285): Security updates available for Adobe Flash Player Vulnerability

    • Severity: 4
    • Published: September 13, 2016

    Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, C...