WordPress All In One SEO Pack plugin version 2.3.6.1 suffers from a persistent cross site scripting vulnerability.
a0532b8b84d3b391236eaaec772e4390119e418ddeb1bdb40bb92cad63c83984Ubuntu Security Notice 3029-1 - Tyson Smith and Jed Davis discovered that NSS incorrectly handled memory. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. This update refreshes the NSS package to version 3.23 which includes the latest CA certificate bundle. As a security improvement, this update also modifies NSS behaviour to reject DH key sizes below 1024 bits, preventing a possible downgrade attack. Various other issues were also addressed.
6e601ccd1ee83f0d499b744c4b1829d9d494088ab8da32987ec0617887d2186fUbuntu Security Notice 3030-1 - It was discovered that the GD library incorrectly handled memory when using gdImageScaleTwoPass(). A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that the GD library incorrectly handled certain malformed XBM images. If a user or automated system were tricked into processing a specially crafted XBM image, an attacker could cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Various other issues were also addressed.
adc630ed03e8562917c9a2cb01fe5bb9be41e5ce50a6e10a8fe9950508867decUbuntu Security Notice 3028-1 - It was discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code.
5756a57228bcb3184a06152b3f6d61b0bfe18c1751779fae6f150510dbf8fd57Red Hat Security Advisory 2016-1392-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.2.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
591efa83c0955a542504cbb702a0469fa8d8cf263b41605c6b0c60794508780dTiki Wiki CMS version 15.0 suffers from an arbitrary file download vulnerability.
3b5608b99ef2780f0968f1088b711658cbefed9cd86aea883493a210051eea05Amazon AWS suffers from a cross site scripting filter bypass vulnerability.
08734fa80ba07ef632be8b5a92e85392c6d039d9740271d3f69322da8b32974aWordPress Activity Log plugin version 2.3.1 suffers from a cross site scripting vulnerability.
44d3c110001dcf64ab0c4de151258da4979819c57f20768b01dda988930324b4Whitepaper called My VBA Bot - Writing Office Macro FUD encoder and other stuff.
cd3df45647920f0daf5fc401196c033c74794ce9607f20e3bb7bc0fa00433fddWordPress Live Chat Support plugin version 6.2.00 suffers from a persistent cross site scripting vulnerability.
203bd383c9f3fed80a99fa6ad0b0ad8f03bcf156222eb506d8f5e0754976fc74Joomla Branch component version 3.0 suffers from a remote SQL injection vulnerability.
d2b89c99caa35ad5d84d263bfd6ac3fa498d4b08bbdf1189a1e46af43ecddf56The Realm / Dashgum Software CMS version 1.0.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
d1741127af5c30842ce69d01f0c198cbdaf847521e96423a529c1ac82ec16827Joomla XMap component version 2.3.4 suffers from a remote SQL injection vulnerability.
5f0ef74ab3c000e298085210a36c009c750b3fc235db83b82edddf011e9110ddLearnVest suffers from a persistent cross site scripting vulnerability. The author has emailed the vendor repeatedly with no response.
19aa9fd28ef3339f128e1a409e44d5a4d7c30ecbbc0a556276b6de77ff282545MoneyTrackin suffers from multiple cross site scripting vulnerabilities. The author has emailed the vendor repeatedly with no response.
820177af7ad2637bead61e71c82a2f5cc16d0a21cebfd2a1a81a6749158a236aJoomla Forms component version 1.3.1 suffers from a remote SQL injection vulnerability.
f237d4e38a1bd35ad882770cdcc1e0baff35fbb6e61342d0b81e86d2a9b8e690The Joomla Services component suffers from a remote SQL injection vulnerability.
c865b0b4d339c8f765db2c6a4fc0e9414f9319f5c6bec0c7320b77fd2b41ff94Core FTP Le version 2.2 suffers from a remote buffer overflow vulnerability.
c439422a095e3e76ee303e59070519ce34630e10a5b90b38017a6437050a4299MetInfo version 5.0.4 suffers from a remote SQL injection vulnerability.
37cc8209cbab837e8f6b68a2b0a84c97ffde0f89c8ced9ff0e5ba4549e0bf34eErsoft CMS version 1.0 suffers from a remote SQL injection vulnerability.
63fe5757fe118e43554f45c97d204222ea0b5e38f4501146eccbabf379b7b21f172 bytes small Linux x86_64 continuously probing reverse shell via socket + port range + password shellcode.
2c792213a82b5f091b7bedb72fdc154120862ee15a4edb864e7aabeafd8ef694
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed