WordPress Comment Rating plugin version 1.5.0 suffers from a cross site scripting vulnerability.
692b1844c000759c1f833dcf23c55eb9Winhex Editor versions 18.7 and below suffer from a dll hijacking vulnerability.
688153c04268e41afa368c0a6b651df1Gentoo Linux Security Advisory 201601-5 - Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes. Versions less than 1.0.2f are affected.
23b6803a19602b3166e8d8d8886e8168OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
b3bf73f507172be9292ea2a8c28b659dHP Security Bulletin HPSBHF03539 1 - Vulnerabilities in OpenSSH and ISC BIND were addressed by HPE VCX. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
6b1d5c4e2723750b4c85c318fa20f427HP Security Bulletin HPSBGN03533 1 - A potential security vulnerability in the TLS protocol was addressed by the HPE Cloud Service Automation and Codar products. This vulnerability known as "Logjam" could be exploited remotely to allow unauthorized modification. Revision 1 of this advisory.
5753ad20f07994a0e93a1b6ce4a571f4HP Security Bulletin HPSBOV03540 1 - Potential security vulnerabilities have been identified with the OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS. These vulnerabilities could be exploited remotely resulting in execution of code with the privileges of Bind, disclosure of information, or cause a Denial of Service (DoS). Revision 1 of this advisory.
595a4df292feaba6a50f97e0a2a55b79HP Security Bulletin HPSBHF03510 1 - A potential security vulnerability has been identified in HP Integrated Lights Out 2/3/4. The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. Unlike the TLS server-side version of Logjam, this vulnerability affects the client-side TLS connection on iLO, or when the iLO acts as a client in a client-server connection. Revision 1 of this advisory.
b97907dae89a06f33ea7b50ebce10a80iScripts EasyCreate version 3.0 remote code execution exploit.
3b0f1a8d207b00c445070735ca5f852fiScripts EasyCreate version 3.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
33189287d2184e0ea7d730c6c2ee5eb8ManageEngine Eventlog Analyzer versions 4.0 through 10 suffer from a privilege escalation vulnerability.
69d68169f02b6f3bb22a874c6ef42f5bHP Security Bulletin HPSBHF03419 3 - A potential security vulnerability has been identified in HPE Networking Products. This is a Virtual routing and forwarding (VRF) hopping vulnerability that could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access. Note: This vulnerability could be exploited remotely as a result of the following network interface conditions: VRF (Virtual Routing and Forwarding) is enabled. MPLS (Multiprotocol Label Switching) is disabled. MPLS-labeled packets are received that match FIB (Forwarding Information Base) entries. When all the above conditions exist, the interface could incorrectly forward the MPLS-labeled packets. Revision 3 of this advisory.
079a18aef987acdfefb0ab7809823273ManageEngine Network Configuration Management build 11000 suffers from a cross site request forgery vulnerability.
f9c1968f467ae9126fb372c962dd3e1btranslate.avira.com suffers from a cross site scripting vulnerability.
ab04777ff72d00d63da6a230c91eaed3WordPress Simple Add Pages Or Posts plugin version 1.6 suffers from a cross site request forgery vulnerability.
3ee8673a15eddab2fb8bea7cd7fdbad8HP Security Bulletin HPSBGN03542 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Operations Manager for Windows. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
e17bd176f38963018b6c0ecee4ecc5a5ProjetSend version r582 suffers from authentication bypass, remote SQL injection, insecure direct object reference, and directory traversal / arbitrary file read vulnerabilities.
8a8ca63e1ef564c23c17f2ea23ca1e65Some partition-level operations exist that do not explicitly also authorize privileges of the parent table. This can lead to issues when the parent table would have denied the operation, but no denial occurs because the partition-level privilege is not checked by the authorization framework, which defines authorization entities only from the table level upwards. This issue is known to affect Hive clusters protected by both Ranger as well as SqlStdHiveAuthorization. Apache Hive versions 1.0.0 through 1.0.1, 1.1.0 through 1.1.1, and 1.2.0 through 1.2.1 are affected.
79e855ca810454b257359484284a8dc6HP Security Bulletin HPSBHF03538 1 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM), and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code or Denial of Service (DoS). Revision 1 of this advisory.
89b506907f63f7614403feb19a1b698cHP Security Bulletin HPSBHF03535 3 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM) and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code, Denial of Service (DoS), or other impacts to affect confidentiality, integrity, and availability. Revision 3 of this advisory.
8ee97ef31a5348369207d5504ddc0e33122 bytes small Linux/x64 TCP reverse shell with password. Polymorphic version.
8715bf5b1cbd3040b8bf30ae48f25523Netlife Photosuite Pro suffers from a cross site scripting vulnerability.
37cb715c8aafc9b49e879002ba181a41Red Hat Security Advisory 2016-0087-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
233a50dce35d01a977e0a02556f8b518Red Hat Security Advisory 2016-0085-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
4fa0b330a02471e2ba73baa071526ca9Debian Linux Security Advisory 3459-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.47.
9bcd1e0331009e6ccd525d2e62eed9b8
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed