ZooKeeper versions 3.4.0 through 3.4.8 and 3.5.0 through 3.5.2 suffer from a buffer overflow vulnerability. This affects the ZooKeeper C client shells cli_st and cli_mt.
dac1578f028d29ce343ed0fd6cce66eb90707710c6358e7134caa196a1cc54b6Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
17ab5bcec57a40add161eafd30fb8c99ec9160c22309af0adc7b46c7723807d7Red Hat Security Advisory 2016-1905-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 53.0.2785.113. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
0de4dbd636bf8199b04092466d1f4e3c34d8b6f6cd8688d066ccb681573ded47Debian Linux Security Advisory 3669-1 - Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation.
206d6b75119861b8a83da66629ef1f00284e5a30f11fb052bc9a1f4f46863523Oxwall version 1.8.0 build 9900 suffers from cross site scripting and open redirection vulnerabilities.
a4c32ba0454c27f760c02f058d4510e06c897d4884125228df497819f6da4eecMyBB version 1.8.6 suffers from improper validation of data passed to eval allowing for the disclosure of the database password.
3d6c1ec3482077a352cb0a1a11260b9058bbaaeece23cc1c48d42e8cd4fedab7MyBB version 1.8.6 suffers from a remote SQL injection vulnerability.
578a8a6a42f1e722099b1d3ca87e3226ef2457eef8e1c59405a504c20e3f5b73MyBB version 1.8.6 suffers from a cross site request forgery vulnerability. Additionally, it stores passwords using weak hashing and sends password in clear text via email.
351e86f1c83bf425eb67931e6cb7d4733f09eb3e132c0c56808dd7f55ec4eb09Kajona version 4.7 suffers from cross site scripting and directory traversal vulnerabilities.
ed67e0114d9c33fdd1a3636f58d44dd22b21cc8994dda5e7185b29e8a676784cPeel Shopping version 8.0.2 suffers from an object injection vulnerability.
f8e546fb1b2fb0fa264d9960e43b71446e3c9db90f144f95349ceefefa2e21d769 bytes small Cisco ASA authentication bypass (EXTRABACON) better shellcode.
52d60da7cead5faec24d4586ff3dc647622de7386e5e131d3f21e84ea31b0773This is an additional EXTRABACON module for Cisco ASA version 9.2(3). This does not use the same shellcode as the Equation Group version, but accomplishes the same task of disabling the auth functions in less stages/bytes.
b48c246e5c9d0e2536c96945fc13c72466f5ca13beb249ed401f73eedaf53ac4MP3 Cutter version 1.1.0 suffers from a registration bypass flaw.
99ca49468c2b0873ac3f4c1a3263cc0c733ad1d60e29c4f2cd85be483c4ee3c9AnoBBS version 1.0.1 suffers from a remote file inclusion vulnerability.
4c11842d58ef08fa53b6dad979d774aeaffbe2f8389350ae85d0e91ea4ec6dd6BINOM3 power meter suffers from cross site request forgery, weak credential management, information leakage, and cross site scripting vulnerabilities.
da90f0253119dee9efcf642299ab65df9fc9b9a14cd008de6f27108d78d99c7c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed