Gentoo Linux Security Advisory 201602-1 - Multiple vulnerabilities have been found in QEMU, the worst of which may allow a remote attacker to cause a Denial of Service or gain elevated privileges from a guest VM. Versions less than 2.5.0-r1 are affected.
cae04eed58ae8cd630be1884c1bb0f33cd229432b115814282bbffc1e4740738Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.
4ec05402e5742eba111d99279ab52f39f140f079532836b2872838eeb9f505fbSlackware Security Advisory - New openssl packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.
3817084445f90e3f459a79829a6e270510e154a126219ac97a15dd36c2ada743Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
e12927eacf6ef6d3cacc270e00841dd48b0d3f7b1d4afd2b1a3eeb606de4f45bSlackware Security Advisory - New MPlayer packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
128d2c2c6dbebc6384c5003717d1a56a6e9bee0506a5e606e0dbc67bb12f6fdbCisco Security Advisory - A vulnerability in the ICMP implementation in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch could allow an unauthenticated, remote attacker to cause the switch to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of an ICMP packet with the IPv4 Type 7 option for record route. An attacker could exploit this vulnerability by sending an ICMP packet with the record route option to an interface on the affected switch. An exploit could allow the attacker to cause a DoS condition because the switch will reload each time the ICMP packet is received. Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is available.
4e61211c39f3367346e5f72f2d3518da0831a44b413fba24d2123cd229d0ca17Cisco Security Advisory - A vulnerability in the role-based access control of Cisco ASA-CX and Cisco Prime Security Manager (PRSM) could allow an authenticated, remote attacker to change the password of any user on the system. The vulnerability exists because the password change request is not fully qualified. An authenticated attacker with a user role other than Administrator could exploit this vulnerability by sending a specially crafted HTTP request to the Cisco PRSM. An exploit could allow the attacker to change the password of any user on the system, including users with the Administrator role. Cisco has released software updates that address this vulnerability.
7a48b988270a94fadb7d6779d5a7a7a8728c1f353f9f1313e4d082386e256978Cisco Security Advisory - A vulnerability in the role-based access control (RBAC) of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated remote user to make configuration changes outside of their configured access privileges. The vulnerability is due to eligibility logic in the RBAC processing code. An authenticated user could exploit this vulnerability by sending specially crafted representational state transfer (REST) requests to the APIC. An exploit could allow the authenticated user to make configuration changes to the APIC beyond the configured privilege for their role. Cisco has released software updates that address this vulnerability.
2a0cb1732895f0f458645023d43a90cb57c506d514b40bc50b237d1778216fe3Getdpd suffered from a cross site scripting vulnerability.
61088412caf8c7d060d1c839c89cc6d27e3c1d0720de88a4313c4fb4b8ff6557SimpleView CRM suffers from a client side open redirection vulnerability.
43d03ca9717c7aa0110b23f2fa29fa78a56a3000536a9ed02d7947864706e825File Manager PRO version 1.3 suffers from local file inclusion and remote files upload vulnerabilities.
cf01ca8ea5403c993894287b303cc3b0a2eb128fe4644f5254319f84f53cac0cSoso Transfer version 1.1 suffers from a denial of service vulnerability.
19201c8450d7c3a66f99de65d78e96fde050f9f65cc072d16a59cce6b5300e32ASUS RT-N56U version 3.0.0.4.374_239 suffers from a persistent cross site scripting vulnerability.
87441652c6842207664db5e93c4cca7115dd476b58654fed698224aba77c8880Timeclock version 0.995 suffers from a remote SQL injection vulnerability.
013ee5630a2f337e2412346b2a8f4dab65c3cbe31392a09bec0ececba4ed54d6GE Industrial Solutions UPS SNMP adapter suffers from command injection and clear-text storage of sensitive information.
6461ea7f02e3828661f5f2c2334de5bdf1c58395f13ec5505a1d5449063ddf8aUliCMS versions 9.8.1 and below suffer from a remote SQL injection vulnerability.
d499376205abeca3f80554d32c02b1938e8182a3368223a857d82d38c5b3f42a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed