SAP NetWeaver J2EE Engine version 7.40 suffers from a cryptographic issue that can lead to information disclosure.
4a8752f48a5fa73baa980c9abecb1d2a2c71088e4ae41dc5af67c4faa1a59f5bAnonymous attackers can use a special HTTP request to inject logs in the xsengine trace file without size restriction. The vulnerability is triggered when the username sent to the /sap/hana/xs/debugger/grantAccess.xscfunc page is longer than 256 characters.
c8c5dd5a2c2a55cdafe1f8d473df9812f164b0f46f07d0a934fb5fc0b3a066f0SAP NetWeaver J2EE engine version 7.40 suffers from a cross site scripting vulnerability.
4d45bc8c91a6d3d36af7f90ad4341ee0314fc7fffe6fbc4ec7d2cfe5c83dab9fDebian Linux Security Advisory 3550-1 - enabled and the sshd PAM configuration is configured to read user- specified environment variables and the "UseLogin" option is enabled, a local user may escalate her privileges to root.
374089592e1cd2eb80c2dec50b28b14a5c1a6f12066de2e2c148453d945875cfDebian Linux Security Advisory 3549-1 - Several vulnerabilities have been discovered in the chromium web browser.
78be013d33903d3148ba3f1b8de4567e0e7e3695de26eaeb437da123767a9de4PfSense Community Edition versions 2.2.6 and below suffer from cross site scripting, code injection, and cross site request forgery vulnerabilities.
a1cea41cda47aaf708576b8f7af2aa6b3c4f8bef37be1b6afc196e909188eabcVMware Security Advisory 2016-0004 - VMware vCenter Server, vCloud Director (vCD), vRealize Automation (vRA) Identity Appliance, and the Client Integration Plugin (CIP) updates address a critical security issue.
bd56155a16a9898620437b43f01ad1f323acba62d3f1fc3b322b4be0caad980bEMC Unisphere for VMAX Virtual Appliance contains a fix for an arbitrary file upload vulnerability. This vulnerability could expose the VMAX Virtual Appliance to be potentially compromised by malicious users. EMC Unisphere for VMAX Virtual Appliance version prior to 8.2.0 are affected.
54c97e2325e2b7e67297fc3d7d82dccdb3972cb5aa3005957194aba7f8158f07AirOS version 6.x suffers from an arbitrary file upload vulnerability.
a2045ad92aa7807fb104f6e5684803d581ae09e9d5bbb906da255625550214c565 bytes small Linux/x86_64 read /etc/passwd shellcode.
838910ad5738b8e6f0bc31928b09825e68de325dc1fb4bedad490fb9acc99c7aMicrosoft Internet Explorer 11 ships with MSHTML.DLL referencing various DLLs which are not present on a Windows 7 SP1 installation, Windows 10 is not affected, other Windows versions have not been tested. According to "MSHTML.DLL is at the heart of Internet Explorer and takes care of its HTML and Cascading Style Sheets (CSS) parsing and rendering functionality." Every application using MSHTML.DLL directly or another DLL which incorporates MSHTML.DLL (like SHELL32.dll) is prone to binary planting.
6527d84b2e81cbfa11caebc6caad25537bf4ae7b3243d2620fd57dda899352a3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed