The Archin WordPress theme suffers from cross site scripting and various handling vulnerabilities.
b2f3aa41693b19472b34affa70792389This Metasploit module exploits a vulnerability within the XGO.ocx ActiveX Control installed with the HP Application Lifecycle Manager Client. The vulnerability exists in the SetShapeNodeType method, which allows the user to specify memory that will be used as an object, through the node parameter. It allows to control the dereference and use of a function pointer. This Metasploit module has been successfully tested with HP Application Lifecycle Manager 11.50 and requires JRE 6 in order to bypass DEP and ASLR.
932d2ea76a375f623765517fcfe5eb73This Metasploit module exploits a vulnerability found in Auxilium RateMyPet's. The site banner uploading feature can be abused to upload an arbitrary file to the web server, which is accessible in the 'banner' directory, thus allowing remote code execution.
c54aeab74b620d49edfe685af84c9397Gentoo Linux Security Advisory 201209-10 - A buffer overflow vulnerability in Calligra could result in the execution of arbitrary code. Versions less than 2.4.3-r1 are affected.
8e3bc46a0ccff8de01bba6483d3697dfGentoo Linux Security Advisory 201209-9 - A vulnerability has been found in Atheme which may lead to Denial of Service or a bypass of security restrictions. Versions less than 6.0.10 are affected.
2804fa23379148108ea4b00be53cf3efThomson SpeedTouch ST780, by design, has mixed content in the DOM during an SSL encapsulated session.
fb05f515c38819c36c89573aa5785d84Sites powered by Stoneast suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
f463b26f451d3e54561fd72c4a46814aSecurity Explorations has announced that they have discovered yet another sandbox bypass of Oracle Java and have reported little in the way of details until the vendor fixes the issue. It currently affects all versions of Java. It's probably best to just keep Java off in your browser for now.
0c54fae665c8069568acd4106db9615cGentoo Linux Security Advisory 201209-8 - A vulnerability in SquidClamav may result in Denial of Service. Versions less than 6.8 are affected.
e15d8ee406f845fe6ba4d839f114f6f5Gentoo Linux Security Advisory 201209-7 - A buffer overflow in International Components for Unicode could result in execution of arbitrary code or Denial of Service. Versions less than 49.1.1-r1 are affected.
00cc7b0c2ea880271cfb425cad87a71bWordpress Plugin Token Manager suffers from a cross site scripting vulnerability.
6a25bf92ceda6b611569d7b5b3e1fd2dSecunia Security Advisory - Red Hat has issued an update for multiple JBoss Enterprise products. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise an application using the library.
0547aed8b41be3ec88399cac3ac5b9edApple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.
02d5cf6eea27e80e9fb74ce87ba23963Guacamole 0.6.0 contains a trivial buffer overflow vulnerability that allows connected users to execute code with the privileges of the guacd daemon. In the Debian distribution the guacd 0.6.0-1 daemon runs as root and allows connections from unauthenticated users. However, it fortunately only listens on localhost by default. Proof of concept code included.
995fe46b49076362053293306fd95f07The current version of Dell's Data Protection | Access (DDPA) software for Windows (Build 2.2.00003.008 from 2012-06-14, released August 2012) contains and installs several outdated, superfluous and vulnerable Windows system components as well as outdated and vulnerable 3rd party components and drivers.
d7262bfb5d52645f3f56caafd1dbe114Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Wireshark included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
67e5ae70c14b8179cbccd02ae02320beSecunia Security Advisory - Oracle has acknowledged a vulnerability in International Components for Unicode (ICU) included in Solaris, which potentially can be exploited by malicious people to compromise an application using the library.
1502c7cb01a5f619b9bf202bb13fbaabSecunia Security Advisory - Oracle has acknowledged a vulnerability in libsoup included in Solaris, which can be exploited by malicious people to disclose potentially sensitive information.
40a0df821f27edefbcf308fae11b7f13Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere MQ, which can be exploited by malicious people to cause a DoS (Denial of Service).
18bf487a089f10792ecefdab68f2a1a5Secunia Security Advisory - A security issue has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system.
65bae1d59693d2b00718020a0e7d4fe4Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Application Server for z/OS, which can be exploited by malicious, local users to bypass certain security restrictions.
63b70c898c62c3eef6a57b801f5f9f7dSecunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Firefox included in Solaris, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, and compromise a user's system.
3339af7ca1a94729f876d47b80229adbSecunia Security Advisory - Oracle has acknowledged a vulnerability in libexpat included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
48e9849df294bf14f6b4d3d22ae810f3Secunia Security Advisory - Two vulnerabilities have been discovered in the Token Manager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
f7980e82ce0f9baa08ce9410767a2d72Secunia Security Advisory - Oracle has acknowledged multiple weaknesses, security issues, and vulnerabilities in Apache Tomcat included in Solaris, which can be exploited by malicious, local users to bypass certain security restrictions and disclose sensitive information and by malicious people to bypass certain security restrictions, manipulate certain data, disclose sensitive information, and cause a DoS (Denial of Service).
f1e34cee3277141f57cca2f6494d7970
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed