WordPress Comment Rating plugin version 1.5.0 suffers from a cross site scripting vulnerability.
9f0c5fd1074a6f60a6cbbc7730ec82d55469a4633a9b1c87ce3e6833d4eafce1
WinHex Editor versions 18.7 and below suffer from a DLL hijacking vulnerability.
a2988b47b6ea70cf272daeceb0baa2837b29c0bb70bff4b67411208fc59918dc
Gentoo Linux Security Advisory 201601-5 - Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes. Versions less than 1.0.2f are affected.
3e4a19fb2f2cd2aa82d1304dd1ac46b284296f7ad05d6f86c70a3baddba1a5cb
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c
HP Security Bulletin HPSBHF03539 1 - Vulnerabilities in OpenSSH and ISC BIND were addressed by HPE VCX. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
58fee4a06d3f5edda1809be66e0702659884cd9a5e2567b6665e9ab43eea6133
HP Security Bulletin HPSBGN03533 1 - A potential security vulnerability in the TLS protocol was addressed by the HPE Cloud Service Automation and Codar products. This vulnerability known as "Logjam" could be exploited remotely to allow unauthorized modification. Revision 1 of this advisory.
cf6069c0991822da440b819958e83439853f867586477a6e76b4e2c258ec3ece
HP Security Bulletin HPSBOV03540 1 - Potential security vulnerabilities have been identified with the OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS. These vulnerabilities could be exploited remotely resulting in execution of code with the privileges of Bind, disclosure of information, or Denial of Service (DoS). Revision 1 of this advisory.
172ff73cf346da8d896484da1bbb74a962da41e89f917e23789840d3a1898675
HP Security Bulletin HPSBHF03510 1 - A potential security vulnerability has been identified in HP Integrated Lights Out 2/3/4. The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. Unlike the TLS server-side version of Logjam, this vulnerability affects the client-side TLS connection on iLO, or when the iLO acts as a client in a client-server connection. Revision 1 of this advisory.
199db3ee349f25e9e2fdaf21db7af5a54640ca7785affe30de49926d26d552e8
iScripts EasyCreate version 3.0 remote code execution exploit.
f9eba4403db1851e2983b19c6120edd812642398ce364387499ea02c62b073c8
iScripts EasyCreate version 3.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
51ba21e8c993b54fdc5c2aaa20bde5026d37b022b8f86570e770abcecf88e995
ManageEngine Eventlog Analyzer versions 4.0 through 10 suffer from a privilege escalation vulnerability.
034c23483e09b9bbd65889d639878efb6d10683ad57d5d65f664f30bd1ef86d5
HP Security Bulletin HPSBHF03419 3 - A potential security vulnerability has been identified in HPE Networking Products. This is a Virtual routing and forwarding (VRF) hopping vulnerability that could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access. Note: This vulnerability could be exploited remotely as a result of the following network interface conditions: VRF (Virtual Routing and Forwarding) is enabled; MPLS (Multiprotocol Label Switching) is disabled; and MPLS-labeled packets are received that match FIB (Forwarding Information Base) entries. When all the above conditions exist, the interface could incorrectly forward the MPLS-labeled packets. Revision 3 of this advisory.
d12057a6756234c7135ccc5f772d5eb69b1f112e1fef08ddd290a77f5c0932b8
ManageEngine Network Configuration Management build 11000 suffers from a cross site request forgery vulnerability.
b4748784f8dee5785fb74729ebcd54c6263a9b3b6fefef6c72fb3f86e7114d00
translate.avira.com suffers from a cross site scripting vulnerability.
d71d8ff7e41f6aa75bf4b383a4ad84b35a924e19ee1f73dce983f4e1bc088f07
WordPress Simple Add Pages Or Posts plugin version 1.6 suffers from a cross site request forgery vulnerability.
ab8bac74ee5d413168f78d2233fb3bb883e68e5e590064e748bff8fc30fba72a
HP Security Bulletin HPSBGN03542 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Operations Manager for Windows. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
f393ae1ffb7884abbf8bc85c4778f72a5961128df05dd3cc435aec1682afd7eb
ProjectSend version r582 suffers from authentication bypass, remote SQL injection, insecure direct object reference, and directory traversal / arbitrary file read vulnerabilities.
30a7ef29c39349514e61a5f8a115ccf83f446d7245c39cf98e1cee88497c7dbe
Some partition-level operations exist that do not explicitly also authorize privileges of the parent table. This can lead to issues when the parent table would have denied the operation, but no denial occurs because the partition-level privilege is not checked by the authorization framework, which defines authorization entities only from the table level upwards. This issue is known to affect Hive clusters protected by Ranger as well as by SqlStdHiveAuthorization. Apache Hive versions 1.0.0 through 1.0.1, 1.1.0 through 1.1.1, and 1.2.0 through 1.2.1 are affected.
1e3f7eddd341045ea6ba03ec5ed1a303d3cb2b39f09dc8a24cf4afaabbfcad13
HP Security Bulletin HPSBHF03538 1 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM), and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code or Denial of Service (DoS). Revision 1 of this advisory.
021fafb148eaa7499368e2f492a72e294ccb2bb8b74ab1e934650ab7292fb145
HP Security Bulletin HPSBHF03535 3 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM) and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code, Denial of Service (DoS), or other impacts to affect confidentiality, integrity, and availability. Revision 3 of this advisory.
f3a3c76102909b14ccbb8a9688572e5d7ba30e69104f6f891e6671e9e131ecfe
122-byte Linux/x64 TCP reverse shell with password. Polymorphic version.
e8424d124c151ace53fdcbf7276880cb684cf019d4f630594c5daae15d6852d4
Netlife Photosuite Pro suffers from a cross site scripting vulnerability.
0c7c875acadcc0098213a235d881dab365901c71f67c44cdafe87717db941b99
Red Hat Security Advisory 2016-0087-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
3820fd476567719de351da2299fbe4bbb27515daea34691f91beda9b7521fb27
Red Hat Security Advisory 2016-0085-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
6a8b228c7f7ac858e4fc3a7da5d5c7078daa6a89a200f48db62e6d5a70624587
Debian Linux Security Advisory 3459-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.47.
da2533bd907db169ae2f66df4819e0c401cdf4bdb46df06b257607a11de1d1b7