Pluck CMS version 4.7.3 suffers from code execution, cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.
9c15c9353fd157ff999d6c6642d64faa272b0ac770bc946572239db5e9949812freeSSHd version 1.3.1 suffers from a denial of service vulnerability.
394f6434e00eb05d1952d269485e3c3a636bd930a41c5b68ab983b352e8c2632WordPress Captain Slider plugin version 1.0.6 suffers from a stored cross site scripting vulnerability.
73470cb284596d274c1d8c36303b9ebc55b5a11435c41374e907a1eb3ff10eaeSlackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.
f6fb90468e1cd0c34ded052060e2b58c5b9926d0b448e48b4918df3045d7fb6dThis Metasploit module exploits the rootpipe vulnerability and bypasses Apple's initial fix for the issue by injecting code into a process with the 'admin.writeconfig' entitlement.
675bfb209258c4d794420d872c3ae4a648abbf5cb0e2af4ea23e9559348211b2HP Security Bulletin HPSBGN03387 1 - A potential security vulnerability has been identified with HP Intelligent Provisioning that could allow remote code execution and unauthorized access. Revision 1 of this advisory.
ed6bd49edc27764e75614ec18b04b7f32dd48e7da2421103c5daa0d969b1fee7HP Security Bulletin HPSBGN03407 1 - Potential security vulnerabilities have been identified in HP Operations Manager for Windows. The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. The RC4 stream cipher vulnerability in SSL/TLS known as "Bar Mitzvah" could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
67048196abdfa69916a6efa701454c95118f91f9cde4a4921506b10a0f9aca07HP Security Bulletin HPSBMU03416 1 - A potential security vulnerability has been identified with HP Data Protector. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
7798d95ad3af5b0b8b2ff44645a5bf8e9920084de205b6bfe59393552829d13bThe programmable interrupt timer (PIT) controller in QEMU does not correctly validate the channel number when performing IO writes to the device controller, allowing both an information disclosure and a heap overflow within the context of the host.
13f86bfcab19e0b4b4a2b31f5267866e4f2e1bf60fa810d064d79e7a787b0c07Photo Transfer 2 version 1.0 suffers from a denial of service vulnerability.
368ca11913bbeb4d94a623944cf3e7c3b1a4042d78d4ba52a188f2e5f763a61dA stored cross site scripting vulnerability existed in the SecurePayment page on PayPal.
3c310cb10ff9633ba901e4ad17bf6fa88edfed42f8596e1d63c337b7eb6b4073Jenkins version 1.626 suffers from cross site request forgery and command execution vulnerabilities.
c340802683762618a09044390f24e3b3a483286548b95201dd3eb0d579b906a9WordPress Responsive Thumbnail Slider plugin version 1.0 suffers from a remote shell upload vulnerability.
f98b6997588b3f30ced3103e420f4be371274ba241219a5a03d4d7d3c513cfc0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed