Ubuntu Security Notice 3616-2 - USN-3616-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Python Crypto incorrectly generated ElGamal key parameters. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.
bba26afb207ddfb1391a3848e4cd104dThe CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web server. Versions prior to 9.9.5, prior to 10.1, and 10.1 are affected.
15df09b097ae3bbbbbf2b776522b1bc8KYOCERA Multi-Set Template Editor version 3.4.0906 suffers from an out-of-band XML external entity injection vulnerability.
0c8850a036da5916bbb8e718eccc4d21Gentoo Linux Security Advisory 201804-9 - A vulnerability in SPICE VDAgent could allow local attackers to execute arbitrary commands. Versions prior to 0.17.0_p20180319 are affected.
dcdaf45598f66ad01e48ce3603651b58WordPress Simple Fields plugin versions 0.2 through 0.3.5 suffer from file inclusion and remote code execution vulnerabilities.
6e2bf334cdac7f3f761fe52b39953c1eWolfCMS 0.8.3.1 suffers from an open redirect vulnerability.
9659658b3ba770b72d025bbfce1467caGentoo Linux Security Advisory 201804-8 - Multiple vulnerabilities have been found in QEMU, the worst of which may allow an attacker to execute arbitrary code. Versions less than 2.11.1-r1 are affected.
c969153354519977c6d88060ae101ad8MyBB Recent Threads On Index plugin version 17.0 suffers from a cross site scripting vulnerability.
8307c11ddec1b8fa0f7961c36a8fbefcKYOCERA Net Admin version 3.4.0906 suffers from a cross site request forgery vulnerability.
7ad8f76f1fae53993f2d3a96a9888f6fKYOCERA Net Admin version 3.4.0906 suffers from a cross site scripting vulnerability.
018207298d9757ca292421d347ec5edbGentoo Linux Security Advisory 201804-7 - Multiple vulnerabilities have been discovered in libvirt, the worst of which may result in the execution of arbitrary commands. Versions less than 4.1.0 are affected.
b04af1b683130936c53fe58b5133575dGentoo Linux Security Advisory 201804-6 - Multiple vulnerabilities were discovered in mailx, the worst of which may allow a remote attacker to execute arbitrary commands. Versions less than 8.1.2.20160123 are affected.
2e4e9fe8ef30bcc7e51cf5d14291f7bbThis is a script to perform SSH/SSL RSA private key passphrase enumeration with a dictionary attack.
a7800e5b746d5a13f5f887936bcbc785CyberArk Password Vault versions prior to 9.7 and 10 suffer from a memory disclosure vulnerability.
b723ff08301bf0026842a24515018be5GoldWave version 5.70 SEH unicode local buffer overflow exploit.
544a4441dc2643b7e93657646a616123H2 Database suffers from an alias related arbitrary code execution vulnerability.
6258e5f0b2d9984d657f41ca330733fbYahei PHP Prober version 0.4.7 suffers from a cross site scripting vulnerability.
f12a62cb7579b29c118d5b72292a0c3eWP Live Chat Support version 8.0.05 suffers from a cross site scripting vulnerability.
49cae5682990389bb8e36325ff6af95dBuddypress Xprofile Custom Fields Type version 2.6.3 suffers from a remote code execution vulnerability.
b1271d808196ceb371045fc509388d79Cobub Razor version 0.7.2 bypass exploit to add new superuser account without authentication.
0e1d53745d7c2e94e6421e548e49b273testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
d067f85eced11c0a7f36d863e08a45ab
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed