FastStone Image Viewer version 4.6 suffers from an arbitrary code execution vulnerability.
4b66f73257ae013039d76fd10c358d59WordPress Shopp eCommerce plugin version 1.0.17 suffers from cross site scripting, sensitive information disclosure, and remote shell upload vulnerabilities.
047b4631bd7a0a73bdc7d017fac711a72279ceab2fd62e3ea5b29ad7490b6f90Et-Chat Rank suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
9012f42d3c5252b81e9b3ff0e90eb899ed286e5d7bf623ab9835ddc58f07f109Secunia Security Advisory - MustLive has reported a weakness and some vulnerabilities in IBM Lotus Notes Traveler, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks.
45c2f778c708868e467364e4d5377576901011c33b7e20e4c0bcb56ce07d3ac3Secunia Security Advisory - Ubuntu has issued an update for libxslt. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.
473591357ca71daacc15be69cc1900138c5c2a9fe94c1bf0515a3f5e5aae074dSecunia Security Advisory - A vulnerability has been reported in Novell Sentinel Log Manager, which can be exploited by malicious users to bypass certain security restrictions.
fa213fc7066ae3e5bfcc891a55d18a278e47582d100e1f27535144e4a08fe585Secunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver Process Integration, which can be exploited by malicious people to bypass certain security restrictions.
a5200ede4ce2db7b12307cd1848a1e369f9f1c4f951a5db0a9e3d95131c2bf38Secunia Security Advisory - Ubuntu has issued and update for kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6b1a1133bbdd6763529b07b175518ad6ff07e06b717271321842dcadb19ad1e8Secunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver Business Warehouse, which can be exploited by malicious people to disclose potentially sensitive information.
354079fd1620cff1486251bf6e210c5d8ea77577a69bf6bb3d9b2911f9cf1c44Secunia Security Advisory - A vulnerability has been reported in VMware vCenter Operations, which can be exploited by malicious people to conduct cross-site scripting attacks.
179e175a9e9889770ff8d34044d9e663a9b9a1da7592ac85e5d431d4617749efSecunia Security Advisory - Ubuntu has issued an update for python. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to potentially disclose sensitive information and malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
c7453ac5be6acbb22cad483f7e8a1b6a3e239bd76ba39f5b9b3df600701c1f52Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in LetoDMS.
aca25777182e9483075db9477c31853b443b1475d7d909a199512db22890925aSecunia Security Advisory - ERPScan has reported two vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.
3dec08f8bfaeca74409fafb39a576704fbb4f03121248a15e44de0305d8d430eSecunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
4060a23f822ed2eee5b08578427c0a2f2d026e69efa44b6302419b2e2d42ca60Secunia Security Advisory - A vulnerability has been reported in VMware vCenter CapacityIQ, which can be exploited by malicious people to disclose potentially sensitive system information.
8dad248c81b942b7c94098ffce8d49bcb8b44f13759e912c7dad684eb78bd148Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in the Pinterest Pin It Button Lite plugin for WordPress.
ccbf2f49111e3cb319dc2e173499c20ed2ae3dc71e7fe0552a651679aadc0923This Metasploit module exploits a vulnerability in the qconn component of QNX Neutrino which can be abused to allow unauthenticated users to execute arbitrary commands under the context of the 'root' user.
6e1beec5fd42be7fbf24377e1c1e0b1d78d44f8b5973be0c7a4d765f1f05fce5strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
8b56598c03fd2c9ee37b844a32f04a9db292e6318e4411065e0b1d74770cd467Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
6fc3b417368069bc8e7901967600c66c8324fdd5bb4cd5bc684e8063e0164b5aTeam SHATTER Security Advisory - It is possible to execute Operating System commands using the Java call Runtime.getRuntime().exec() in Sybase ASE versions 15.0, 15.5, and 15.7.
7b44eb683fa6bbdcbb599a6e34e34387401c0ee9a9af9133cf44b711d55b824eAuthenticated users can elevate privileges to any role via SQL injection in one of the DBCC commands in Sybase ASE versions 15.0, 15.5, and 15.7.
0de0a63c7bdd201868a067b883c3f04d9b4bc9ce90eabb05ce9dc53e37d30270Team SHATTER Security Advisory - There are multiple SQL Injection vulnerabilities in components of SQL Tunning Sets that can be abused to perform attacks to execute SQL statements with elevated privileges in Oracle Enterprise Manager Database Control versions 11.1.07, 11.2.0.3, and previous patch sets.
ec091e795a7b21f06042b32c57e0e7bc67ebb519a0b2587ed8cece93633d4055Team SHATTER Security Advisory - Two system stored procedures executable by PUBLIC allow reading of files with xml extensions in IBM DB2 LUW versions 9.1, 9.5, 9.7, and 10.1.
107b4fda80eb2d3a4a4a72644c82a7c887c11de47730435f9aa331d4906b0061Team SHATTER Security Advisory - System stored procedure SQLJ.DB2_INSTALL_JAR executable by PUBLIC allows JAR file overwrite to any authenticated user in IBM DB2 LUW versions 9.1, 9.5, 9.7, and 10.1.
70532ba6dc2c51be2493c022d83d341c1d2e93b16b4e6d2b79127f0dc31c10d7Hardcorereview suffers from a WriteAV arbitrary code execution vulnerability.
6e8b830a697c7e0e850189baa7cc8e6be109d14d786eea51b618398858d95978
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed