Apache PDFBox versions 1.8.0 through 1.8.11 and 2.0.0 suffer from an XML external entity injection vulnerability.
f160d0f59531b7124fd63893410f4382449ef5be4212ce0538851d88587946e3Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
3f546d4bc5830e0c3e87f2da9304a10a3b6063f9b82860cf7bfb76bcf02be145The login page of the Citrix Netscaler Gateway web front-end is vulnerable to a DOM-based cross site scripting (XSS) vulnerability due to improper sanitization of the content of the "NSC_TMAC" cookie.
a907282e85cbd46ffd00df290cafdd51155648f582be3aa5b66d82cc3e3fbe7bApache Qpid Java Broker versions 6.0.0, 6.0.1, and 6.0.2 suffer from a denial of service vulnerability.
3d81afb1173f32654873524b4636e3c6b1d5deed18d076fcaffba968ee1a79faApache Qpid Java Broker versions 6.0.2 and below suffer from an authentication bypass vulnerability.
594b68879b7de55bcdb5b81acc03145d655ca916b880773922cff137be76c5a5Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
ce9b11d04e18e69566df0de64e339ecc901c77ba929b4ac2d1fac7bc8920bf46Slackware Security Advisory - New libxslt packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.
640e3e73be3ffe2c386f4c383d1ce10f3e47136935943c275815b90f8fcae037Slackware Security Advisory - New libxml2 packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
897ec1b06118a1abb82b30b33d29eec72b0476ee15fe9ac75c98b6bc949cd736PHP Real Estate Script version 4.9.0 suffers from a remote SQL injection vulnerability.
a3d0e8975de183eab61fd4e51fae11a0ffdb9ee0737e12c2b4f7dffaac28a836Joomla Simple Calendar component version 0.7.6b suffers from a remote SQL injection vulnerability.
909535d927b0a5f9ec70c23acbde120032291e1894baa58b23ed8900b178752eDebian Linux Security Advisory 3587-1 - Several vulnerabilities were discovered in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using the libgd2 library.
f2f6c7f99cc86a7323da7dcfecc1fc94a9783d8e35c09aac160019baa2b5e88fEMC Isilon OneFS and EMC IsilonSD Edge include an implementation of the SMB protocol. This implementation is vulnerable to a man-in-the-middle attack that could compromise the affected systems. EMC IsilonSD Edge OneFS versions 8.0.x and EMC Isilon OneFS versions 8.0.x, 7.2.1.x, 7.2.0.x, 7.1.1.x, and 7.1.0.x are affected.
c0278601cfff1854895a73db496eef4ed12459478f59de882cd68c1c9b252e49Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.
cc15398ab11d0e8cb5fd8ef9052046e7b29bea4c4d0c3133e418bc99ac79897bApache Tika versions 0.10 through 1.12 suffer from an XXE injection vulnerability.
f33971406fb04b391007116a0482ffc39feb7e43a3c815760b26a24fb10693d3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed