Geovision Inc. devices GV-BX1500 version 3.10 2016-12-02 and GV-MFD1501 version 3.12 2017-06-19 suffer from remote command execution, stack overflow, double free, and other vulnerabilities.
7a2bf67cd575912d572ecc402f32d09f5809e3d7f3a5c416391dbfd0d2bf6af2
Multiple versions of Whole Vibratissimo Smart Sex Toy suffer from credential disclosure, exposed administrative interface, cleartext storage of passwords, unauthenticated bluetooth LE connection, and other vulnerabilities. These devices screw you in more way than one.
403b854be58e2556751dd002c7f0a562d2d43e1248c002ec974b81219a814700
Sourcetree for macOS versions 1.0b2 up to 2.7.0 and Sourcetree for Windows versions 0.5.1.0 up to 2.4.7.0 suffers from multiple command injection vulnerabilities.
d2c94b00ad0ef81396b3578120ab94bfa7b4948ed21552a912349549577784ea
WordPress Doctor Appointment Booking plugin version 1.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
49cd7b4eb3a8f3cf31b754a8e7e2890c0f924d7fcc746e3dea375ee14f64a9af
KonaKart eCommerce Platform versions prior to 8.8 suffer from a directory traversal vulnerability.
69b02968b66401d2c8733fae55bc3d34bcb6af705d806f25e6c8dcee66aa308b
Red Hat Security Advisory 2018-0262-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.6.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
b846c6ee49cf2db644f765631e5090af3334a0937b6724e2f124a90b353c337a
Debian Linux Security Advisory 4103-1 - Several vulnerabilities have been discovered in the chromium web browser.
0232427a8fa65d0a0a92842130d4b9bc4ee9c97fecc4d571aa0deb098224339c
Wikindx version 5.2.1 suffers from a cross site scripting vulnerability.
1f4b9115e2ad6778baaa76be57eba522ba9afa4395a1fe5a9898a25cc443a63a
Ubuntu Security Notice 3555-2 - USN-3555-2 fixed vulnerabilities in w3m. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. It was discovered that w3m incorrectly handled temporary files. An attacker could possibly use this to overwrite arbitrary files. Various other issues were also addressed.
a47b5b2573b989e79bccd0fa4e464331ab5a54b037b27dd2ad1e9d623adf9945
Ubuntu Security Notice 3555-1 - It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. It was discovered that w3m incorrectly handled temporary files. An attacker could possibly use this to overwrite arbitrary files.
8f59f122aae1de2da3a9bcd77710d6f8944a245959d269a4c7015e3dc3770075
Red Hat Security Advisory 2018-0265-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 64.0.3282.119. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
4100da6ea83f5d43a9334597d496ae716631e09671e5deb4cd5c485092ba4bb5
Mara CMS version 7.1 suffers from a cross site scripting vulnerability.
9d39679d31af2e77c00fc7e1c8ce10250b63b94ccad54dd4ee556d1429e08ddc
Rich FileManager version 2.7.0 suffers from a cross site scripting vulnerability via a malicious file upload.
99c069cda5f9c5abff40ace5e68331ab7d9b135199b4d370d036a9872f7aef7d
Free CMS version 1.0a suffers from a cross site scripting vulnerability via a malicious upload.
563e1cab4daf258234f2dd5f4024a81d34d6a3ffaa7d84731fb4ba52265b123b
This archive contains all of the 268 exploits added to Packet Storm in January, 2018.
7e5a3bf17c890cbc7f6043993aa45f75bcf3817920813523342419e2bc02b55c