Core Security Technologies Advisory - A vulnerability has been found in SAP Netweaver that could allow an unauthenticated, remote attacker to create denial of service conditions. The vulnerability is triggered by sending a specially crafted SAP Enqueue Server packet to remote TCP port 32NN (NN being the SAP system number) of a host running the "Standalone Enqueue Server" service, part of SAP Netweaver Application Server ABAP/Java. The "Standalone Enqueue Server" is a critical component of a SAP Netweaver installation in terms of availability, rendering the whole SAP system unresponsive.
444c31d1133e1004a07b094139756aecOpenX version 2.8.10 suffers from multiple open redirection vulnerabilities.
32b59177ba1282d88e665ac974e5de20HP Security Bulletin HPSBMU03126 - Potential security vulnerabilities have been identified with HP Operations Manager (formerly OpenView Communications Broker). The vulnerabilities could be exploited resulting in remote cross-site scripting (XSS). Revision 1 of this advisory.
5c191b915f15a086fac933c06c41fdc1Drupal versions 7.0 through 7.31 suffer from a remote SQL injection vulnerability.
8244a1135ddb4e99909b9a3e3d2bce43NETIS DL4322D 300Mbps Wireless N ADSL2+ modem router suffers from cross site request forgery, cross site scripting, and denial of service vulnerabilities.
5cafd193388eec34ba7ec5ad30879245Drupal versions 7.0 through 7.31 suffer from a pre-authentication remote SQL injection vulnerability.
dc7a6339ae60c1eec1fa92e072331db4HP Security Bulletin HPSBHF03125 - A potential security vulnerability has been identified with HP Next Generation Firewall (NGFW) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: This vulnerability can only be exploited if the attacker already has valid administrative login credentials. Revision 1 of this advisory.
cb7597e9749f91717ca7e746f7b84674Cisco Security Advisory - On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security, which has been superseded by Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication.
26e95f07566d080c95707103b4d8ecb5Cisco Security Advisory - Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software suffer from multiple denial of service vulnerabilities.
1eb9b2f759cf60c63738dfcfd7a85299Cisco Security Advisory - A vulnerability in the network stack of Cisco TelePresence MCU Software could allow an unauthenticated, remote attacker to cause the exhaustion of available memory which could lead to system instability and a reload of the affected system.
04cfe5036fd2b8ffeda2544a7706ba67nytimes.com suffers from cross site scripting vulnerabilities.
38251ef83653028a6cf621d0bd723813Hamster Free ZIP Archiver version 2.0.1.7 DLL hijacking exploit.
5346a73a621064512191f1f9d1e7de52Megapolis.Portal Manager suffers from multiple cross site scripting vulnerabilities.
3c52458adf840f42790885f8cec24aceIPy suffers from a blacklist bypass vulnerability.
13ca9eab3b6159c0a1ab64e3aee39e3eThis is a python script that performs brute forcing against WordPress installs using a wordlist.
8fe46a933d571cae852ad77333c4fc17
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed