Richard Zhu discovered that an out-of-bounds memory write in the codebook parsing code of the Libvorbis multimedia library could result in the execution of arbitrary code if a malformed Vorbis file is opened.
More info:
https://www.debian.org/security/2018/dsa-4140
More info:
https://wpvulndb.com/vulnerabilities/9041
Linux kernel vulnerabilities CVE-2015-4170, CVE-2015-6526, and CVE-2015-7837. ...
More info:
https://support.f5.com/csp/article/K12903841
Red Hat Enterprise Linux: An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145
More info:
http://rhn.redhat.com/errata/RHSA-2018-0527.html
Today, VMware has released the following new security advisory: “VMSA-2018-0008 – Workstation and Fusion updates address a denial-of-service vulnerability”. This documents the remediation of an Important severity denial-of-service vulnerability (CVE-2018-6957) affecting VMware Workstation and Fusion. This issue can be triggered by opening a large number of VNC sessions. In order for exploitation to be possible, […]
More info:
https://blogs.vmware.com/security/2018/03/new-vmware-security-advisory-vmsa-2018-0008.html
Linux kernel vulnerability CVE-2017-9074. The IPv6 fragmentation implementation ...
More info:
https://support.f5.com/csp/article/K61223103
Several vulnerabilities were discovered in mbed TLS, a lightweight crypto and SSL/TLS library, that allowed a remote attacker to either cause a denial-of-service by application crash, or execute arbitrary code.
More info:
https://www.debian.org/security/2018/dsa-4138
Red Hat Enterprise Linux: An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145
More info:
http://rhn.redhat.com/errata/RHSA-2018-0526.html
Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library:
More info:
https://www.debian.org/security/2018/dsa-4137
Multiple vulnerabilities were discovered in cURL, an URL transfer library.
More info:
https://www.debian.org/security/2018/dsa-4136