WordPress Ultimate Member plugin version 1.3.28 suffers from a cross site scripting vulnerability.
c9ca3677fefabf989d98e6f46a693b4109c606008e37ba14df6bb66e353e939aWordPress Gwolle Guestbook plugin version 1.5.3 suffers from a remote file inclusion vulnerability.
3c508424a14bf87d47e47bf3940ce3c2b33f80a60247374cd2b38c3dc9e2cd63WordPress Calls to Action plugin version 2.4.3 suffers from a cross site scripting vulnerability.
458830b56600d9f6b97ed18aa8b64a58c79fa0079b1d611d70b3c7fd209bdca2WordPress Role Scoper plugin version 1.3.66 suffers from a cross site scripting vulnerability.
d866c0ec123a8ab2510f8a5984126768307b9249a3f33cd386de677d9b02d160Acunetix WVS 10 suffers from a local privilege escalation vulnerability.
80ed16f231ffb98f3f386d6c6cb644ad37351ece64afd221b36b4197d351772cGnome Nautilus version 3.16 suffers from a denial of service vulnerability.
e586d2c6767124bf65dffc9fcb944f2558661fbdc9fd59bb4693ea2c48e22703WordPress Users Ultra plugin version 1.5.50 suffers from a remote blind SQL injection vulnerability.
a793f6aae9eea832463ee54879cb2c4de2bd72fad84190ee9baf2bb20e2f2629WordPress Users Ultra plugin version 1.5.50 suffers from a persistent cross site scripting vulnerability.
8c3c67ef5df9097504431b83b342e404532ce3ad4fcbb2cdb57bfb552c01fea9Debian Linux Security Advisory 3409-1 - A memory-corrupting integer overflow in the handling of the ECH (erase characters) control sequence was discovered in PuTTY's terminal emulator. A remote attacker can take advantage of this flaw to mount a denial of service or potentially to execute arbitrary code.
7d59ac8ea28d2ed74210302eddac180af86f65d5dd80870135bd13e7d638b399Debian Linux Security Advisory 3410-1 - Multiple security issues have been found in Icedove, Debian's version of integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.
c4d03a712c3b367a9fc290b0a72f11c5be169a10a74c8653d379d55399f41c23Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
d2792c8cfadd685fffc40b2199679628815df031fd3149ccf961649fc8787ea9This Metasploit module exploits the Shellshock vulnerability, a flaw in how the Bash shell handles external environment variables. This Metasploit module targets the 'ping.sh' CGI script, accessible through the Boa web server on Advantech switches. This Metasploit module was tested against firmware version 1322_D1.98.
2d07c4e5c3e954a7d9efc2a4e7d397f7e69058ab0c07cd400854d45c65db2f07ntop-ng versions 2.0.151021 and below suffer from a privilege escalation vulnerability.
4f40ea6bd4b9c55d564fa8c3c637aca611317d0ebbb415bdb2e5f8ea215ba2dfUbuntu Security Notice 2824-1 - Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash).
7db7a7fae1c43f0a5515c9f7cba84ce7e29596eab26c0f8629bd42187783f008Red Hat Security Advisory 2015-2536-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
5e8bbed2f3b25ac34f8aa82ddcbb89fe5dec0fbe452544181c9fe747178a3796Red Hat Security Advisory 2015-2537-01 - Red Hat JBoss Portal is the open source implementation of the Java EE suite of services and Portal services running atop Red Hat JBoss Enterprise Application Platform. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
fe1fc6b6187effefed671fb817dc0c8493d76336a870d0bb03e4657b842c8c0a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed