Kronos Telestaff versions prior to 2.92EU29 suffer from a remote SQL injection vulnerability.
2026990b4ae0d270b09cc355b15de93ad0be6adf7836f695074b12d159a9b6bbThe proxmark3 is a powerful general purpose RFID tool, the size of a deck of cards, designed to snoop, listen and emulate everything from Low Frequency (125kHz) to High Frequency (13.56MHz) tags. This repository contains enough software, logic (for the FPGA), and design documentation for the hardware that you could, at least in theory, do something useful with a proxmark3.
063c654d4450240b2a49fa33cefa35151f6a786e0bed5bc81b651f42c4cf6c3fPeplink version 7.0.0-build1904 suffers from cross site request forgery, cross site scripting, file deletion, and remote SQL injection vulnerabilities.
a35c1582b7882363268493dd6fbe070be8641b56ca33272bfb77a7e2594c12ffUbuntu Security Notice 3308-1 - Dennis Rowe discovered that Puppet incorrectly handled the search path. A local attacker could use this issue to possibly execute arbitrary code. It was discovered that Puppet incorrectly handled YAML deserialization. A remote attacker could possibly use this issue to execute arbitrary code on the master. This update is incompatible with agents older than 3.2.2. Various other issues were also addressed.
4402c8d968a030d3ce3901bd15dcdede2b25e19641c46bed14092fd04e93b5feUbuntu Security Notice 3309-1 - Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbitrary code.
604750eb7ea85fc1263f64be0adbb377df9564063ad40ae67615914bdbdb3dc9HPE Security Bulletin HPESBGN03752 1 - A potential security vulnerability in the OpenSSL Library may impact HPE IceWall products. The vulnerability could be remotely exploited to allow denial of service (DoS). Revision 1 of this advisory.
e1be692613896d0ec38c1114c9116b22d8b6c2109db04949b8b4f89dd662d352HPE Security Bulletin HPESBHF03756 1 - Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. Revision 1 of this advisory.
a0ee99b3d56b95fb9463524723438bd2b461df7691a15596db5994f5045fe8ecApple Safari version 10.1 suffers from a spread operator integer overflow vulnerability.
2c0f5292b08697d84ad06fa095308fd81efb603b3e447a509d09fc788e83453431 bytes small Linux/x86-64 JMP CALL POP /bin/sh shellcode.
95dad731ba6f9381cfcdea23e78eed4588b15b3cc9e26f9b88bfc03648697c81Home Web Server version 1.9.1 build 164 suffers from a remote code execution vulnerability.
ff9988d7c389d08b25c36b849ade084929a46bcdfaf26e16f7c71038b5dc0e16BIND version 9.10.5 for x86 and x64 on Windows suffers from an unquoted service path vulnerability that can allow for privilege escalation.
39bb02902250325dc8dcc1576f0306ade384ae1bdc0f1e5e1451e7fa784c9075Red Hat Security Advisory 2017-1390-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root.
b82dab742fc9bf4d92050f85481665161b8fdeb94567970370ad1d054e8d41deDebian Linux Security Advisory 3873-1 - The cPanel Security Team reported a time of check to time of use (TOCTTOU) race condition flaw in File::Path, a core module from Perl to create or remove directory trees. An attacker can take advantage of this flaw to set the mode on an attacker-chosen file to a attacker-chosen value.
669492e2b6634929ca6740fee2a0e7aa50309178b09ab44dcbff2acc9c6e2e4aDNSTracer version 1.8.1 suffers from a buffer overflow vulnerability.
d8764fd42c39ba48208daf898bebc1d4283b3291ef3cf1eff0117febbee335b9CompuLab manufactures and sells the IntensePC / MintBox 2, which is a small Intel-based fanless PC sold to end-users and industrial customers. It was discovered that in the default configuration write-protection is not enabled for the BIOS/ME/GbE regions of flash.
ff8900cf8ecac46185548e975afba3495d20bd3fa8cb061db438a6e0a2baf20b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed