PHP Server Monitor version 3.1.1 suffers from a privilege escalation vulnerability.
aafa69a15ff0e3770a96c5012d8cb850bdb3fda9ba48a991cb0678d1cb2b0ff6PHP Server Monitor version 3.1.1 suffers from a cross site request forgery vulnerability.
c6dd900ebf2986cd3b5ad60ba13c81ef576d594f7507b637176981a3472236faeBay Magento CE versions 1.9.2.1 and below and eBay Magento EE versions 1.14.2.1 and below suffer from an XXE injection vulnerability.
08393363d6670e33368d62daac52944168d2958ae3fd00c5baedaa4999a731b3Pligg CMS version 2.0.2 suffers from multiple remote SQL injection vulnerabilities.
e653dc6b60d0a6774fd0c82028476bc1f4420abad29191536668539de8b9ec0bPligg CMS version 2.0.2 suffers from a directory traversal vulnerability.
6694394bbeb73a900ce2025bfc0707fad012282c2839712e6d1e324abee90990Pligg CMS version 2.0.2 suffers from code execution and cross site request forgery vulnerabilities.
478975660e6f6564e0125792eaca49d4f8fc7ddb63e0f2f82e756f316270b0ceSlackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
6f8f1ea7ca7722d48810e15411398875a23f2427d517d29aaf9be8d59d9f7ffbSlackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
9e1563e5450015846758e7398735030c758bd3179e6f25263eca88eb9ad6257bDebian Linux Security Advisory 3384-1 - Two vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution.
2ba577efa7645c3fbb63c3ae8f39544eb64cf665f1a19b8df7a9e00878b1fe27Debian Linux Security Advisory 3383-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool.
5c112093bf6218a0c2e15cc40a7bd9714b502a4ca135cafa9a4c8cf9452b519ePython 3.5 suffers from a vulnerability caused by the behavior of the scan_eol() function. When called, the function gets a line from the buffer of a BytesIO object by searching for a newline character starting at the position in the buffer. However, if the position is set to a value that is larger than the buffer, this logic will result in a call to memchr that reads off the end of the buffer.
11ad4ff03a7d48ad669798a540d150f6b9a96705027ddfb79905aac9959c3fc9Debian Linux Security Advisory 3332-2 - The patch applied for CVE-2015-5622 in DSA-3332-1 contained a faulty hunk. This update corrects that problem.
7ed79434482d9a30adcebdf34b45d74b939f9e8bd496ef33161939bdc9c7bb03Slackware Security Advisory - New jasper packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
3c4a3a5cf1e480feed4b9092b1aa939f9e0eaf1cd0b6da12b95876f269e7e405The yaml_* parsing functions suffers from an exploitable double free caused by the error path for the php_var_unserialize() call on line 797 of pecl/file_formats/yaml.git/parse.c.
222691a6762e7a56ff629bdd866e2f3741c307b8856b25b0efcef4850bb9383fThe PHP unserialize() function is considered unsafe due to its behavior regarding class instantiation; in cases where serialized data is attacker controlled, it can be tampered with, allowing for the instantiation of arbitrary PHP classes and thus code execution via destructor.
25ba50f88dac6d73405bd6b613b421c3efdf062bb33df0303b3857f5a2f462f0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed