Student Enrollment version 1.0 suffers from an unauthenticated remote code execution vulnerability.
c80c7f129fa1a17c5a5b57e6c9db7a73d49adee7424f841a2ecf7c91ad9ada1eOdoo version 12.0 suffers from a local file inclusion vulnerability.
8a281d381ff8257aa741b6907320da48bafd8aee565536d62c8a646d1e5b6ea2WebPort version 1.19.1 suffers from multiple reflective cross site scripting vulnerabilities.
41cb6485bf5e035d4851be24eb39824dc1a47ab1146412bf9506a4d7447ad66dFileRun version 2019.05.21 suffers from a reflective cross site scripting vulnerability.
ef7e9efac3811937fddec1ac06b401d037a1744af827130ce2cfc34446054171Ubuntu Security Notice 4401-1 - It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceeds with a connection even if the user rejects an expired intermediate certificate. Various other issues were also addressed.
882ace3871b356da4924f891c0b5b096177d1befadf43a61452d5801b0005682Online Student Enrollment System version 1.0 suffers from an unauthenticated arbitrary file vulnerability.
064a9332857173fea7fedcc2737f6d91ed1dfad56d7b15adb5bc5b7a3441673cThis Metasploit module exploits multiple vulnerabilities together in order to achieve a remote code execution. Unauthenticated users can execute a terminal command under the context of the root user. The specific flaw exists within the LogSettingHandler class of administrator interface software. When parsing the mount_device parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. But authentication is required to exploit this vulnerability. Another specific flaw exist within the proxy service, which listens on port 8080 by default. Unauthenticated users can exploit this vulnerability in order to communicate with internal services in the product. Last but not least a flaw exists within the Apache Solr application, which is installed within the product. When parsing the file parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the IWSS user. Due to combination of these vulnerabilities, unauthenticated users can execute a terminal command under the context of the root user. Version prior to 6.5 SP2 Patch 4 (Build 1901) are affected.
4aee71179ce97ff14964220e5add145f6a56bc5f34e2d1ffa3729b6a8b812d7cUbuntu Security Notice 4400-1 - It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges.
8debac815390ca92b098aa8e3c85303c062df84c7ae990e004520df7d3dc7970Red Hat Security Advisory 2020-2646-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Issues addressed include buffer over-read, denial of service, and memory leak vulnerabilities.
d1788a8e61cb334acd50091690da62efff82c9e0d9528c9f46c5226408959805Red Hat Security Advisory 2020-2644-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Issues addressed include buffer over-read, denial of service, and memory leak vulnerabilities.
3c5cb032e0a7a155597c19347749b668adb80897922efd1951e936de20b50b4fRed Hat Security Advisory 2020-2642-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
af0f7cc801ee4b89133e51c786a7814022ac78d0427b2d9138d5ef7fe46f338aRed Hat Security Advisory 2020-2615-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.9.0. Issues addressed include information leakage and use-after-free vulnerabilities.
c922476117829460740b9b3aad6039736614ea3543beb85a8354c734d2d87d24Red Hat Security Advisory 2020-2643-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 83.0.4103.106. Issues addressed include out of bounds write and use-after-free vulnerabilities.
da7ff03483093d698fb3c3ac34f16970532a356efcc01f5712b696466bacae54Red Hat Security Advisory 2020-2640-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Multiple denial of service related vulnerabilities were addressed.
e267ec6108807812848e4e010541821f1d5880fa63c5b39723afb536eab5a8deRed Hat Security Advisory 2020-2641-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include a server-side request forgery vulnerability.
564c9610e0b10697551a75e1e31c1760faef3d9c10a7ea4796c1ddb4315bd5b4Red Hat Security Advisory 2020-2637-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.
75e20d2ad7787693194645be75739ed1dbd377aebd8eafabfc4c215110018701Red Hat Security Advisory 2020-2638-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.
c23fb9ec6d6c8f98388464967da270f6e08492eaf03d2f00d45bfbb844a79d5cRed Hat Security Advisory 2020-2639-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.
659bc136b339fefd06456f7340bedbfb5561c8e45e51bc36c5c892767f1aa198Mereo version 1.9.4 suffers from a remote HTTP server denial of service vulnerability.
d6300ac00f278bb859d9e2ce52daca06a011e19464356f45de116353513b9f52Frigate version 2.02 suffers from a denial of service vulnerability.
432174efa739ce6b6f45ef4c99dda1e4a65c0c480bbd3dfb867064651983b1ab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed