Debian Linux Security Advisory 3234-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
def56cbcb5f101f29f12a80e59378f7d3c5ab84852759f935899affe26802977
HP Security Bulletin HPSBHF03272 1 - A potential security vulnerability has been identified with certain HP Servers with NVidia GPU Computing Driver running Windows Server 2008. This vulnerability could be exploited resulting in elevation of privilege. Revision 1 of this advisory.
6f1f421351008007e3a045e814596974c41a38fe81042dad57f84ddde4fac716
HP Security Bulletin HPSBPI03315 1 - A potential security vulnerability has been identified with HP Capture and Route Software. The vulnerability could be exploited remotely resulting in information disclosure. Revision 1 of this advisory.
0f53330b8863493f6bd516603fdd709e7343a9179ad79258fa39a93bd5f98e51
Debian Linux Security Advisory 3233-1 - The Google security team and the smart hardware research group of Alibaba security team discovered a flaw in how wpa_supplicant used SSID information when creating or updating P2P peer entries. A remote attacker can use this flaw to cause wpa_supplicant to crash, expose memory contents, and potentially execute arbitrary code.
cbf11d3c2811cfc3822a030648d7fd3606b6426e0b3081e97749187e44a2873a
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
bb1d6613c5df7d0723b1a1100ed5cf195677a314d64b50433da90882a491b074
This Metasploit module exploits an arbitrary file upload in the WordPress WPshop eCommerce plugin versions 1.3.3.3 to 1.3.9.5. It allows you to upload arbitrary PHP code and get remote code execution. This Metasploit module has been tested successfully on WordPress WPshop eCommerce 1.3.9.5 with WordPress 4.1.3 on Ubuntu 14.04 Server.
f619d802b93d34eebff17a8861709268616692a3263b82947bee155839965331
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
e8a7557d87d5e758c987601028f15c2f3cf15c72d7bef351c79af1484d74b841
This Metasploit module exploits an arbitrary file upload in the WordPress InBoundio Marketing plugin version 2.0. It allows you to upload arbitrary PHP files and get remote code execution. This Metasploit module has been tested successfully on WordPress InBoundio Marketing 2.0.3 with WordPress 4.1.3 on Ubuntu 14.04 Server.
114356930e9c145630aeafa00184f2b3246d456a0167279e09bbfc184d6c975e
WooThemes WooFramework version 4.5.1 suffers from a cross site scripting vulnerability.
5d124409091d48c2939ad588a90764b38d2a4484f4d89a3139fb746c2c995abf
OpenFire XMPP versions 3.9.3 and below incorrectly accept self-signed certificates, potentially allowing for spoofing attacks.
d26c2fe0c0cc3b4027d438b3b2eba60b5fcea46aa1cc48496aed16c4a47ece9e
Xoops CMS version 2.5.7.1 suffers from a persistent cross site scripting vulnerability.
6d96a583b5517d793a50ea4d7ed9518604a1e1041b363fdc87ac95943b0e4919
Ubuntu Security Notice 2571-1 - Robert Kaiser discovered a use-after-free during plugin initialization in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox.
d1ecdc8415b2df26cb92c366dca7a5d657231bb6a63cd603887be34dc22916d4
FlatPress version 1.0 suffers from a persistent cross site scripting vulnerability.
31b2ba9333b2e1336dd35c959bdfed46dda097275be00da883f6f3d2461edddd
WordPress QAEngine Theme version 1.4 suffers from a privilege escalation vulnerability.
83976326087c31c7102e2646fc3829eb8a1f6ff16ade8fae6f4bec7ea6e1d799
WordPress Premium SEO Pack plugin version 1.8.0 suffers from file disclosure and remote shell upload vulnerabilities.
ac5f4c1d1a43f1db2b74fd991cc42657c14e00af6344504e6ebedd072e8cb46d
Encaps PHP/Flash Gallery version 2.3.22s allows for the database to be filled up due to poor design.
3c17bd70e22d359fbe5891372b6f80377b6cbe310ce3f5943b086af8b710c1ea