Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
c9bd07dd0d0045d6ca7537390a1afbcdf33716d193ea7d7084ae4f6c30b683abWordPress Simple Ads Manager plugin version 2.9.4.116 suffers from a remote SQL injection vulnerability.
c3225024050bfa8485a3aa261ef44cdbf1842789ed7f02486760b470ce90f477Netduma R1 router versions 1.03.4 and 1.03.5 suffer from a cross site request forgery vulnerability.
cb9861408b2a312ef9c0c0798a0356f98ce6e8596554528293cfa5537a7cd173FTPShell Client version 5.24 suffers from a buffer overflow vulnerability.
2ad4624ed3713e9d5fba9c1b46d2e27a1cc02ad0ee37fe7729bdf7ca9a5666f4Installation of DeleGate version 9.9.13 sets some binaries setuid root and at least one of these binaries can be used to escalate the privileges of a local user. The binary dgcpnod creates a node allowing a local unprivileged user to create files anywhere on disk. By creating a file in /etc/cron.hourly a local user can execute commands as root.
7f7b948cf0c658577a60b54e041918a12f7d33a376ff4d93c8a8740f4fddad56Gentoo Linux Security Advisory 201512-10 - Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. Versions less than 38.5.0 are affected.
8b345c71a57deda9f0a8d7eb50719b94a327aadac84155e9eb75aa9517d6449eGentoo Linux Security Advisory 201512-9 - Multiple vulnerabilities have been found in encfs, the worst of which can allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.7.5 are affected.
059fd7a6542979e2739e90c6041431fb44438c3c58dfcaefa4f76a62b9e4a468Gentoo Linux Security Advisory 201512-8 - Multiple vulnerabilities have been found in ClamAV, possibly resulting in Denial of Service. Versions less than 0.98.7 are affected.
5fc32e294ea5ab2344bd65d50e0882eeb0563d3c852bd072b46c3325fb7d5d40Gentoo Linux Security Advisory 201512-7 - A buffer overflow in GStreamer could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.5 are affected.
145e7553c78639ba0e110d473c1a22e00ef1d27a08c79f4ce075cec8ab3c03d4Gentoo Linux Security Advisory 201512-6 - A buffer overflow vulnerability in MPFR could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 3.1.3_p4 are affected.
3555d219ed26c408bde4e5729317d80fae10d392f398829638bee4e18e6765a2KODExplorer web file manager suffers from a cross site scripting vulnerability.
a0105f30c9687518ec81049807bbf8fb7193299431ee0d621c176c069d12cadbInterPhoto version 2.3.0 Persians suffers from a database disclosure vulnerability.
b9332d288e8d706e22260bfa2c7d25ac712e49b70bcbd14e8c91fcec8903639dRed Hat Security Advisory 2015-2697-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
cf66ca97718395e208f26158dd4948c5061faf78290b77509496697890751210AVG's Web Tune extension maliciously works to bypass the Chrome malware checks and leaves broken JavaScript APIs available. The attached exploit steals cookies from avg.com.
bc6771c4f589518e2a4514e7c5963c7ac6e4f7a4abf44b90f9df910e567a4843Beezfud suffers from a remote code execution vulnerability.
497a4606c5bb1310751ac087938088185c27e036193143a5a7f63aea7b2a8d8fghrc.nsstc.nasa.gov suffered from a cross site scripting vulnerability.
39c8465d756607f1fcd5544160fdda382abab5af697af9fa153ba65efff5fa84Various 2.x releases of WebKitGTK+ suffer from over 130 vulnerabilities. These range from use-after-free to arbitrary code execution issues.
7dc30709125cb2db34abde329f80722cbf2938391b1c828a6de14fc02f27d91clibtiff versions 4.0.6 and below suffer from a heap overflow vulnerability.
ddfd1c393297b02656c6af06e2fa4f16ca0f928fa45ec87e895588cb147b6756_TIFFVGetField() in libtiff version 4.0.6 may write field data for certain extension tags to invalid or possibly arbitrary memory locations.
1e6ba94ed422d819e50f84dc63c80b976bb75c2ad64a24ec1ea61f3243511591PHP Melody CMS version 2.3 suffers from a remote SQL injection vulnerability.
3ce0e6de5b497053859c2d83646c7f89a4d121e02e130934677bae1f948ac14aRW::Download version 4.0.8 suffers from remote and local file inclusion and remote SQL injection vulnerabilities.
a56588c35a1599d4874c8ae698232a9d5a487865ba837e1af15f014bb3f00f3dAccessDiver version 4.301 build 5888 suffers from a buffer overflow vulnerability.
849355e29545b0be3f930fb8b655f633aeed9476aa1768fa04565dd2c20df444EasyCafe Server versions 2.2.14 and below suffer from a remote file read vulnerability.
121818ec38b64281f7a95209aa9db936cfefb36b812148de3e51ee15bd39e65cBigware Shop version 2.3.01 suffers from cross site scripting and remote file upload vulnerabilities.
0fda50166e50607bde50341fa86b07ba1d509d42e6e3efb1bc624c983bd8d609Backshell Web Shell suffers from a cross site request forgery vulnerability.
e1667825acf8a9542de3584932040fd9b7faa17088c2d663c3f51ce4f779f9c5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed