WordPress Photo Gallery plugin version 1.2.8 suffers from a remote SQL injection vulnerability.
bc5f2f631b044356d69b3727c7d0fcafc45bec4fe1e1517bae82f5dc5e56b314Exim ESTMP denial of service exploit that leverages the GHOST glibc gethostbyname buffer overflow.
5ecc35645890c0c48e753cb63b2c03579f6cc942a311b5aad37e578368a54b58A malicious Jar file can bypass all OS X Gatekeeper warnings and protections, allowing a remote attacker to execute arbitrary unsigned code downloaded by the user. Java must be installed on the victim's machine.
12bedb80e935c14c525f7aca1139b70f471d66838a84cc908b3de4717f0877b1CMS Saurus version 4.7 suffers from a cross site scripting vulnerability.
c976c6baa79025033fb95b0d12b1014d81986b7c453a16543edf4263720be6dfT-Mobile Internet Manager suffers from a DLL hijacking vulnerability.
166dfceb43c6b95cb0dabb5fe01c754f2762e18cdfd8ecf6925606f53ee52fd3Mantis BugTracker version 1.2.19 suffers from an open redirection vulnerability.
a4a5d3a57136e2c7c69197773c4c6f2b7d1873d9a94832d2eb5e95f58d43524eCore Security Technologies Advisory - Multiple vulnerabilities have been found in the FreeBSD kernel code that implements the vt console driver (previously known as Newcons) and the code that implements SCTP sockets. These vulnerabilities could allow local unprivileged attackers to disclose kernel memory containing sensitive information, crash the system, and execute arbitrary code with superuser privileges.
ab4dd6486f4ee6eea333af5b0238b5e37c79372f03d28ec456d911e6e9c2a2f2New CMS version 2.1 suffers from a local file inclusion vulnerability.
26b93c8a8cc6dbb8ec52f0210258d68239e0acf6e87359bc67630c70164293cdSites powered by Restaurantbiller suffer from remote shell upload and remote SQL injection vulnerabilities.
f4a1adac8a45ce05a5b00694825f0222021b21e9d260550f0910c915cc9c69e7FancyFon FAMOC version 3.16.5 suffers from multiple cross site scripting vulnerabilities.
efa9652e44569c33fc4fee812a69f383c8001fe4f217c3d71994dbc05b3b72c3FancyFon FAMOC version 3.16.5 suffers from a remote SQL injection vulnerability.
3a671192f0facf33bd6129a2886a8ff9396192343746c6b576a400840ee63a00Qualys Security Advisory - During a code audit performed internally at Qualys, they discovered a buffer overflow in the __nss_hostname_digits_dots() function of the GNU C Library (glibc). This bug is reachable both locally and remotely via the gethostbyname*() functions, so they decided to analyze it -- and its impact -- thoroughly, and named this vulnerability "GHOST".
ffa8d4a79d99689d850b8267b77bc648e3bd73f6426baa39b73870777ee69adbThe Syrian Electronic Army SEANux linux distro version 1.0 suffers from a remote code execution vulnerability.
b080cc1a04a781bc198b71a73b2e7296a4626b1e7f06b5166036b5722ce7cf48Exploit for remotely changing DNS settings on the D-Link DSL-2740R router.
12bcee98da8a2545e67c0fd61295e3e76c43d64f193a59bac3a91c594c824b90FancyFon FAMOC version 3.16.5 suffers from a session fixation vulnerability.
d9ed306cd69939777d43977859a23d2b0d269c3652c90899c8652bcdeb2459ceFancyFon FAMOC version 3.16.5 fails to mint one-way hashes without use of a salt.
b1d0a56de5c177ff2044a5a97d03ce257e2444febf937112e175e2fe8e4765a8Multiple nasa.gov subdomains suffered from cross site scripting vulnerabilities.
6191218f1434ba043aed4a65a60f43793bbac40fe0e83ed770b31f5accb7a689Proof of concept exploit that allows a local application to gain system privileges via CVE-2014-7911 and then root via CVE-2014-4322. The exploit included is for a Nexus 5 with Android 4.4.4 (KTU8P). The exploit may also work on other devices if the offsets of the rop chain are modified.
9bee54444ab6e873a99692c9254b7a2016b81c6a94b64203d4746a410081dac3Core Security Technologies Advisory - Some Android devices are affected by a denial of service attack when scanning for WiFi Direct devices. An attacker could send a specially crafted 802.11 Probe Response frame causing the Dalvik subsystem to reboot because of an Unhandle Exception on WiFiMonitor class.
feb52e38d88fae494e9480f07d94fba29e88f585adbd14e6a5b09a5a89af5f6cPhoto Gallery version 1.2.5 suffers from a remote shell upload vulnerability.
cccaa6d7d8925aad8a70eeff4842b9b5c3c554891b45ac03b8d34ce6dcd33cffBarracuda Networks Cloud Series products suffer from a malicious script insertion vulnerability.
b1d15ccdb7a81c7eb9860d092e8b040f08ceb595b2f77fa74bd0e6c2533ad304Comodo Backup version 4.4.0.0 suffers from a NULL pointer dereference vulnerability.
f496f6e77d0b41fcd441a5916787820bb16d44af5ecc6ccf2bc7293bd6d55a7eWordPress RedSteel theme suffers from a file disclosure vulnerability. Note that this finding houses site-specific data.
8a8b4ccb9d8e631c26e3dc2dfe473c46f7651237b41364e8ae30f0f5eb5e1d36JClassifiedsManager suffers from cross site scripting and remote SQL injection vulnerabilities.
a2c31b71a54d83ab8d3a5dac2797c3865f2693cb70aa077df35e26201e49b531OpenSchool Community Edition version 2.2 suffers from access bypass and cross site scripting vulnerabilities.
a94312ebdf8d35a30e75a38e37f85f944d7a0db2abdd1e05c0a67b685b7fe964
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed