An independent vulnerability laboratory researcher discovered a remote code execution vulnerability in the official Ferrari online service web-application.
cd634fe57ff51c217453aa33dc7e4cad2c507d2915ae0f729bba7792b937c431Ubuntu Security Notice 2707-1 - Cody Crews discovered a way to violate the same-origin policy to inject script in to a non-privileged part of the PDF viewer. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to read sensitive information from local files.
454aadcc72ab27356bc6097291844b21c35e99f121004be9079deac843860748Debian Linux Security Advisory 3329-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
032d7754d15daf5a42e6f9f97780a9dd8431d502054c7f15a05b87b1417f2da4A use-after-free vulnerability was discovered in unserialize() with SplDoublyLinkedList object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely.
0871a6862315dddb4b458e935baa1d9975da14b6a2a6fe621eb91c225e281bb8A use-after-free vulnerability was discovered in unserialize() with SplObjectStorage object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely.
671f2a7c738b31dc6a03417ab29ce95089173d2f3c6b80d8f3156839a758dae5A use-after-free vulnerability was discovered in unserialize() with SPL ArrayObject object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely.
bdc3dd33954af63076460ec415aa1687a2a7bb0690e51d14cc41bd321bce45d0Froxlor server management panel versions 0.9.33.1 and below suffer from a MySQL login information disclosure vulnerability.
bea08fc5fe8a746bec832460f61703e56e29a8bb83c170586999f4de71e6f714Privilege escalation can occur in Linux due to nested NMIs interrupting espfix64.
f62af298234e655a737d78137c9a21203b3fc70e674b757e92ae2c2517d1fb97Tomabo MP4 Player version 3.11.3 SEH buffer overflow exploit that binds a shell to port 8080.
5f39055c0c13c2289ffa7d54ef8c96c0b7075dee837861e6f8b18f94e8876c3cWordPress Avenir-Soft Direct Download plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
7844807154e232f36b2977ae5e053b33a124ffb57f58ee4e7788b75151070148Red Hat Security Advisory 2015-1579-01 - Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of Ceph with a Ceph management platform, deployment tools, and support services. It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file. ceph has been upgraded from v0.80.8.1 to v0.80.8.2.
f2392b62da3dfba9be306537aa689d109eca632444e6fb287b3ca774649ec465Ubuntu Security Notice 2706-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Several vulnerabilities were discovered in the cryptographic components of the OpenJDK JRE. An attacker could exploit these to expose sensitive data over the network. Various other issues were also addressed.
43d713d4f87bfbe8c290f9a1b71ea87bd7e27654c81117d2859669b12657800eLinux/x86 memory sinkhole privilege escalation proof of concept exploit.
00de01ce17182da940ac345f8fa7ea1753ac9ac98b859bc6093a33a5c280b7e1FileZilla Client version 2.2.x SEH buffer overflow exploit.
ca15b6ff2734f76a2fc8ef302f058fa9280cb8afab33f7441ce251b71ac2fe90NDPROXY is a system-provided driver that interfaces WAN miniport drivers, call managers, and miniport call managers to the Telephony Application Programming Interfaces (TAPI) services. The vulnerability is caused when the NDProxy.sys kernel component fails to properly validate input. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode (i.e. with SYSTEM privileges).
10347041ea74c6b447143df9dd4aa3555e238a1fcca1ba360cd0d9e113076d9d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed