TM RG4332 wireless router version 2.7.0 suffers from an arbitrary file disclosure vulnerability.
GNU Screen version 4.5.0 local root privilege escalation exploit.
Systemd 228 privilege escalation proof of concept exploit.
OpenSSH versions 6.8 and 6.9 suffer from a PTY privilege escalation vulnerability.
KB Affiliate Referral PHP Script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
KB Login Authentication Script version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
KB Messages PHP Script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
The Polycom VVX web interface allows a user to change an admin's password.
Autodesk Backburner Manager 3 versions prior to 2016.0.0.2150 suffer from a null dereference denial of service vulnerability.
Haraka versions prior to 2.8.9 suffer from a remote command execution vulnerability.
Red Hat Security Advisory 2017-0206-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 56.0.2924.76. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
Red Hat Security Advisory 2017-0200-01 - puppet-swift is the Puppet module used by Red Hat OpenStack Platform director to install OpenStack Object Storage. Security Fix: An information-disclosure flaw was discovered in Red Hat OpenStack Platform director's installation of Object Storage. During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
Red Hat Security Advisory 2017-0205-01 - In accordance with the Red Hat CloudForms Support Life Cycle Policy, support will end on February 28, 2017. Red Hat will not provide extended support for this product.
This Metasploit module affects Geutebrueck GCore versions 1.3.8.42 and 1.4.2.37, which suffer from a remote code execution vulnerability.
GNU Screen version 4.5.0 suffers from a local privilege escalation vulnerability.
Man-db version 2.6.7.1 suffers from a privilege escalation vulnerability.
PHPback versions prior to 1.3.1 suffer from cross site scripting and remote SQL injection vulnerabilities.
Web Based TimeSheet Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.
22 bytes small Linux/x86_64 execve /bin/sh shellcode.
The DigitalSec 2017 Call For Papers has been announced. It will take place in Kuala Lumpur, Malaysia, on July 11th through the 13th, 2017.
Android suffers from a KASLR bypass in pm_qos.
Mac OS / iOS kernels suffer from a use-after-free due to a lack of locking in host_self_trap.
Cisco WebEx version 1.0.5 suffers from a new arbitrary command execution vulnerability via a module whitelist bypass.
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
HTTP_Upload version 1.0.0b3 fails to consider anything beyond file extensions when mitigating malicious file uploads, allowing for remote code execution.